login-csx.pages.dev Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://login-csx.pages.dev/
Effective URL:
https://login-csx.pages.dev/
Submission: On October 29 via manual (October 29th 2024, 12:59:05 pm UTC) from US — Scanned from NL

Summary HTTP 71 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 8 domains to perform 71 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is login-csx.pages.dev.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time login-csx.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SoFi (Financial)

Domain & IP information

	IP Address	AS Autonomous System
6 46	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.43.176.137 52.43.176.137	16509 (AMAZON-02) (AMAZON-02)
17	91.235.132.67 91.235.132.67	30286 (THM) (THM)
1	18.66.122.106 18.66.122.106	16509 (AMAZON-02) (AMAZON-02)
2	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2251:2e00:10:8d:3740:21	16509 (AMAZON-02) (AMAZON-02)
2	104.18.38.31 104.18.38.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	99.86.1.157 99.86.1.157	16509 (AMAZON-02) (AMAZON-02)
1	192.225.158.1 192.225.158.1	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
71	14

46 188.114.96.3 (Amsterdam, Netherlands) 6 redirects

ASN13335 (CLOUDFLARENET, US)

login-csx.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.176.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-176-137.us-west-2.compute.amazonaws.com

fontmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 91.235.132.67 (United States)

ASN30286 (THM, US)

st10.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-106.fra60.r.cloudfront.net

js.dvnfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.95.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:2e00:10:8d:3740:21 (United States)

ASN16509 (AMAZON-02, US)

d3331otr86r7j1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.38.31 (None, )

ASN13335 (CLOUDFLARENET, US)

fp.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-157.fra6.r.cloudfront.net

d32ijn7u0aqfv4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.1 (United States)

ASN30286 (THM, US)

h64.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

5ugj8dr8p2p65btwine3nfzsn4vynwlqmee2e2ume47229dbdeca8647am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	pages.dev 6 redirects login-csx.pages.dev	2 MB
19	sofi.com st10.sofi.com — Cisco Umbrella Rank: 113526 fp.sofi.com — Cisco Umbrella Rank: 148322	85 KB
4	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3168 h64.online-metrix.net — Cisco Umbrella Rank: 2424 5ugj8dr8p2p65btwine3nfzsn4vynwlqmee2e2ume47229dbdeca8647am1.e.aa.online-metrix.net	1 KB
4	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 3443	16 KB
2	cloudfront.net d3331otr86r7j1.cloudfront.net d32ijn7u0aqfv4.cloudfront.net	35 KB
1	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	2 KB
1	dvnfo.com js.dvnfo.com — Cisco Umbrella Rank: 98616	42 KB
1	fontmetrics.net fontmetrics.net — Cisco Umbrella Rank: 309991	74 B
71	8

	Domain	Requested by
46	login-csx.pages.dev	6 redirects login-csx.pages.dev
17	st10.sofi.com	login-csx.pages.dev st10.sofi.com
4	challenges.cloudflare.com	1 redirects login-csx.pages.dev challenges.cloudflare.com
2	h.online-metrix.net	login-csx.pages.dev st10.sofi.com
2	fp.sofi.com	js.dvnfo.com
1	5ugj8dr8p2p65btwine3nfzsn4vynwlqmee2e2ume47229dbdeca8647am1.e.aa.online-metrix.net
1	h64.online-metrix.net	st10.sofi.com
1	d32ijn7u0aqfv4.cloudfront.net
1	d3331otr86r7j1.cloudfront.net	login-csx.pages.dev
1	cdn.cookielaw.org	login-csx.pages.dev
1	js.dvnfo.com	login-csx.pages.dev
1	fontmetrics.net	login-csx.pages.dev
71	12

This site contains links to these domains. Also see Links.

Domain
www.sofi.com
login.sofi.com
support.sofi.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
login-csx.pages.dev WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
fontmetrics.net Amazon RSA 2048 M03	`2024-10-07` - `2025-11-05`	a year	crt.sh
st10.sofi.com Go Daddy Secure Certificate Authority - G2	`2024-03-26` - `2025-04-05`	a year	crt.sh
*.dvnfo.com Amazon RSA 2048 M03	`2024-04-22` - `2025-05-21`	a year	crt.sh
challenges.cloudflare.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.sofi.com Go Daddy Secure Certificate Authority - G2	`2023-11-28` - `2024-12-29`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://login-csx.pages.dev/
Frame ID: 99DCAEE4E352B006A029D07F3BE80989
Requests: 24 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yqx2k/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/
Frame ID: 6B69752D5E07348044D095538AB07E8D
Requests: 1 HTTP requests in this frame

Frame: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource
Frame ID: 0DD320907EAB6AC2AF234216F21CB295
Requests: 1 HTTP requests in this frame

Frame: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Frame ID: 04B7C409E80215B8AECB92A768C4A2EC
Requests: 16 HTTP requests in this frame

Frame: https://login-csx.pages.dev/Login%20-%20SoFi_files/HP
Frame ID: 892F855B17618E56E9C28F99E043F84C
Requests: 3 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mkksk/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/
Frame ID: 4A0C242876492F2D4BBE3CEDE857D366
Requests: 1 HTTP requests in this frame

Frame: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp
Frame ID: 15279F03B40094AE7065A6D858C8414B
Requests: 5 HTTP requests in this frame

Frame: https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp
Frame ID: 68843D8ECA64889903C749DF5FA9856A
Requests: 3 HTTP requests in this frame

Frame: https://login-csx.pages.dev/Login%20-%20SoFi_files/top_fp
Frame ID: EC2B2A74BBBA08E60B98573B4D0B83C7
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/check.js;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&jb=35302e2468736d77354e6b6c7770266a7b6d3544696e757024627160753d416a706d6f65266a7b603f436a70676f67273038313338
Frame ID: E24843130306D2FE4287B3A9EC1D1040
Requests: 12 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/HP?session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&org_id=5ugj8dr8&nonce=e47229dbdeca8647&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 37DD8435BF8C51C553B76E8C4D378540
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/ls_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647
Frame ID: 53D82032A1D841006C1B4B965677E08E
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647
Frame ID: 2326CF3CB8EF852DC9ACA09B75A927D9
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/top_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647
Frame ID: 1919EE0A9A1F0CB4A96AD11A91125AB3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - SoFi

Page URL History Show full URLs

http://login-csx.pages.dev/ HTTP 307
https://login-csx.pages.dev/ Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

71
Requests

99 %
HTTPS

15 %
IPv6

8
Domains

12
Subdomains

14
IPs

3
Countries

1782 kB
Transfer

2795 kB
Size

5
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sofi.com/

Search URL Search Domain Scan URL

URL: https://login.sofi.com/u/login/password-reset-start/sofi-auth-db?state=hKFo2SBuNEpNMkFIVUxLdkx0YlJBOXRDSnVvNDVqZWpEV2hXN6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFNYbUZReS15ek1QVFM1WWdManFJWjNwSkc5a1hySUJUo2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://login.sofi.com/u/login?state=hKFo2SBuNEpNMkFIVUxLdkx0YlJBOXRDSnVvNDVqZWpEV2hXN6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFNYbUZReS15ek1QVFM1WWdManFJWjNwSkc5a1hySUJUo2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I
Title: New to SoFi? Sign up

Search URL Search Domain Scan URL

URL: https://support.sofi.com/hc/en-us/sections/360010482151-Troubleshooting
Title: Help

Search URL Search Domain Scan URL

URL: https://www.sofi.com/terms-of-use/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.sofi.com/privacy-policies/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.sofi.com/online-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://login-csx.pages.dev/ HTTP 307
https://login-csx.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=captchaCallback_338048 HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js

Request Chain 19

https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource.html HTTP 308
https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource

Request Chain 20

https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1).html HTTP 308
https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Request Chain 21

https://login-csx.pages.dev/Login%20-%20SoFi_files/HP.html HTTP 308
https://login-csx.pages.dev/Login%20-%20SoFi_files/HP

Request Chain 43

https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp.html HTTP 308
https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

Request Chain 44

https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp.html HTTP 308
https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp

Request Chain 45

https://login-csx.pages.dev/Login%20-%20SoFi_files/top_fp.html HTTP 308
https://login-csx.pages.dev/Login%20-%20SoFi_files/top_fp

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
login-csx.pages.dev/
Redirect Chain

http://login-csx.pages.dev/
https://login-csx.pages.dev/

169 KB
37 KB

92ms
57ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

281f77331b6fcd4f1db65eda99cee9c7478055127ca878edddc20c380c03df6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8da3571dbcd09fcf-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 12:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8iePFqhJwfs8jEKAzojuR2eS9jLdItDJtM4OloUYybSr0Gj7Gp6ZUhckyUSuWz4Tw%2FtObn%2FnD06cUT2X6p34CiXMySG%2FR6wn05s3M1giytT%2BYfTzmJcjrvEQPLVwRPYXOWNVpfkh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16245&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4446&delivery_rate=36207&cwnd=12000&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=65&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://login-csx.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H3 200 main.cdn.min.css
login-csx.pages.dev/Login%20-%20SoFi_files/ 278 KB
56 KB 39ms
39ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/main.cdn.min.css

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f51bfea694d99efdac2e8223be8bfa713bee494c44605fec6a2e721f992dce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"af2f387fe2152a736694efb594fc867f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCFRa6IcRdmlPIbNByrrUmsTmAbACWPQZ5WfTxiAryluQNzAgxt3WwNX5gs%2F6vxHr5ZPfAGOxECPVuCm1Zq8fmQj12wVFlwGhnBorA5rUE7lKdKz7Bmr%2FkmqvqAiAsqmwqbNOBMn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571e2d4d9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16711&sent=49&recv=26&lost=0&retrans=0&sent_bytes=42821&recv_bytes=6968&delivery_rate=1284642&cwnd=30000&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=115&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 datadog-rum-v4.js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ 150 KB
150 KB 60ms
60ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/datadog-rum-v4.js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "a1a2da28fed42a6f82f2f8b5761dd889"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXyTUktzNXwG6W8G1lQZg18dQzh%2FNMHYK7f3lKxdHeuMr%2FksH%2FkIsH%2FUo2VoZh0CcSwsifYqmtgTGbdiOaNdEc6%2B3aFsFkVg4fWKYM14FuzxLrllwumSbDhsU%2FSxe%2Fpu48yCesK%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571e2d519fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 153156
server-timing: cfL4;desc="?proto=QUIC&rtt=16711&sent=75&recv=26&lost=0&retrans=0&sent_bytes=72545&recv_bytes=6968&delivery_rate=1284642&cwnd=30000&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=122&x=1", cfHdrFlush;dur=8
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 tags.js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ 95 KB
96 KB 86ms
86ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/tags.js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43e8b484d3d5c4b99cc89ce2b933186779acad8d8cc203b204fa76425617fc23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "d73d8ad40b4641d1bf250d1064c84d04"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkOnn1CCmvpfKkTm8z%2BlSDjGXf6iTlVw8rc1xsyndw1y8CkAYTghMkT1zFhZM%2Fj0kL%2FP30EjtVPmcDAsPrsEe94%2Fnx0R8k2TqIfpPHv97%2BH%2FEBDesaNMshaiGh5dYTGVH56sF7N%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571e2d539fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 97641
server-timing: cfL4;desc="?proto=QUIC&rtt=16711&sent=75&recv=26&lost=0&retrans=0&sent_bytes=72545&recv_bytes=6968&delivery_rate=1284642&cwnd=30000&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=125&x=1", cfHdrFlush;dur=5
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 devicer.min.js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ 41 KB
42 KB 100ms
99ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/devicer.min.js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "e488bbea3a9a385b6fb4069930804619"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnVsFKsVC0my6Ad8pkEAiyXy%2Bc8baPME3Yp5KyIODuB3f2Aulchy4dj%2BnUUb604idiX1ME1f%2BV1Ug2ZL4UhnHfAGwRqE5OGnSDdyCY9%2Ftz41S6KdNP4qUORIMEwLd9JMm%2BsVwCjx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571e2d579fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 42146
server-timing: cfL4;desc="?proto=QUIC&rtt=16711&sent=75&recv=26&lost=0&retrans=0&sent_bytes=72545&recv_bytes=6968&delivery_rate=1284642&cwnd=30000&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=123&x=1", cfHdrFlush;dur=7
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 otSDKStub.js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ 22 KB
23 KB 101ms
101ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/otSDKStub.js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "5e0a37e502e437d3784bbb6dd71cee38"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5ky4n8wVyThNKYcHU3F8a%2BjBW71HYyYIexgVEoPkhE7bfbn0NsKbxVzavywvP2EZssb%2BjLjg9vwZV2dP4%2BVvYuWXDUSRt96NCxZlzJEPASrr3bdHNl%2FXQt%2F3I%2BomO3I0Q%2BwMC8X"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571e5da99fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 22463
server-timing: cfL4;desc="?proto=QUIC&rtt=18250&sent=124&recv=33&lost=0&retrans=0&sent_bytes=129760&recv_bytes=7551&delivery_rate=1563547&cwnd=58800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=144&x=1", cfHdrFlush;dur=2
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 otBannerSdk.js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ 381 KB
382 KB 51ms
49ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/otBannerSdk.js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "2dae13afed9b5a040d2f8c549a070379"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1NRRb6eOuFB4%2BE%2FUIBChVuc%2BBXY6yYsBVMb4JfwwRu2BtFiEqn5Mj4j4a%2FJcJnhMq0WoaQHkg2sA%2FwEjXpRhx8txC1YvLNce7Uq5LWH0W41yTCq5IQoG8N6lqws07F0tNowYk4%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571eee619fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 390260
server-timing: cfL4;desc="?proto=QUIC&rtt=17014&sent=456&recv=73&lost=0&retrans=0&sent_bytes=510506&recv_bytes=12603&delivery_rate=12285235&cwnd=214800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=244&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sofi_logo_white_416x116.png
login-csx.pages.dev/Login%20-%20SoFi_files/ 10 KB
10 KB 84ms
84ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/sofi_logo_white_416x116.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "cf50457f39fa22db7423b45f7bd67e7f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lgW7%2F%2FE90BQ8Lx4is1HMK3RSD79vHzIjbNN57QJPcZnDDoJWenjEi0nDPR5k8t9XT1JadmEaiKdBZpQLMRMu2dAkPoR3C9%2FatkRfNoOxvzokdBnM3R3KuIduRA2ame6MCs7SyZCN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571e4d859fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9807
server-timing: cfL4;desc="?proto=QUIC&rtt=16502&sent=76&recv=27&lost=0&retrans=0&sent_bytes=72821&recv_bytes=7292&delivery_rate=147248&cwnd=30000&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=129&x=1", cfHdrFlush;dur=1
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 7331d0a5289a23fb1966.png
login-csx.pages.dev/Login%20-%20SoFi_files/ 22 KB
23 KB 86ms
85ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/7331d0a5289a23fb1966.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "1f550f47a56078534e65f09cb0e39623"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOubfLJCp%2FMDTJoMdzI6Gozz8qRDO%2BItU6XasE1bVlhfUOVtPftK4crXJ6Hsg6p%2Fy4o%2BjCWMri6XJvQD9RHcnNSSAexd8UNoIcVqkb%2FXVzO698y5UYGPgAZonEvn2kUAJEuSNM4f"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571e4d879fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 22918
server-timing: cfL4;desc="?proto=QUIC&rtt=18250&sent=124&recv=33&lost=0&retrans=0&sent_bytes=129760&recv_bytes=7551&delivery_rate=1563547&cwnd=58800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=140&x=1", cfHdrFlush;dur=6
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 a26e7094b0235d2942ad.png
login-csx.pages.dev/Login%20-%20SoFi_files/ 25 KB
26 KB 47ms
46ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/a26e7094b0235d2942ad.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8a2d3b01d16331376d2c9f72cd8329b0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83D7BXFXIiKhHY9TLRYILOZBcQbSdTrbDHjDyM0RQcIVrvuhYcU3yByLjr0SMyow8FSpFjROELjnrn2w7CFZrgf7pfl%2FFFGMGZ4ayw%2BeL9PFjIPhnOZ8bx%2FUWOpaQArhwOH2dKIY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571ede409fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 26088
server-timing: cfL4;desc="?proto=QUIC&rtt=17014&sent=414&recv=73&lost=0&retrans=0&sent_bytes=461545&recv_bytes=12603&delivery_rate=12285235&cwnd=214800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=229&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 0x0.png
login-csx.pages.dev/Login%20-%20SoFi_files/ 19 KB
19 KB 47ms
47ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/0x0.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734b5f8af2a3d77d664c4306cd97ba44f4f065966d57c34c094db079a51a7e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "a6b1090d1f76b80f663164bde78ab78b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22mKzuR7feODKKdLJRCTyOwulnGN1cxjiAAAxBYXDShjWa1PjPmEoTW9K%2FxnU73wHtMozrM7VouDRcgjSYU28mV7oCKhsqTc8JSt8iP1aIIT0VksQZXjyWQMuJ0SzbvINrPmCORT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571ede4f9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 19313
server-timing: cfL4;desc="?proto=QUIC&rtt=17014&sent=439&recv=73&lost=0&retrans=0&sent_bytes=490130&recv_bytes=12603&delivery_rate=12285235&cwnd=214800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=237&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear
login-csx.pages.dev/Login%20-%20SoFi_files/ 68 B
711 B 58ms
58ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3087446afe87c5da27035fd77db71f3d9911966b3cd33a452f80d731fbf8159

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8f82f00b9c2c7991a901ca7dc1041e36"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dk6CdbKFufNByW5tMfOKVF2%2BuxCy8puIhPJxdAZa1HCrfQXpitoh4CUO9mBO9iVa2WFhMqcBMAVr41Fv0qKA8cpMaH9jEUX0NVW1qnWQNt1Pwo%2FYqD9a4y9zedO5eO3uq7PFuzSS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571eee5e9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 68
server-timing: cfL4;desc="?proto=QUIC&rtt=16839&sent=625&recv=75&lost=0&retrans=0&sent_bytes=712345&recv_bytes=12691&delivery_rate=544188&cwnd=226800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=250&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 api.js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ 46 KB
47 KB 60ms
58ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/api.js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b4cf1d32cd73d354028425408132868d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1mGv8ICv8Sft6tq2%2BJA56XSBa%2FelIzUgSuF3IEHR7f99siz08qkH8QtvAfJx0wQ70Ppk%2BaNytNA6ZXxsFhIacHHUmOm%2BFKwMlUvawOVKR9%2Fg1ErFlPd8l51738eUv%2FHpiynZOa6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571eee659fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 47460
server-timing: cfL4;desc="?proto=QUIC&rtt=16625&sent=632&recv=76&lost=0&retrans=0&sent_bytes=719887&recv_bytes=12736&delivery_rate=633571&cwnd=230400&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=251&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Sofi_83x40@2x.png
login-csx.pages.dev/Login%20-%20SoFi_files/ 3 KB
4 KB 75ms
73ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/Sofi_83x40@2x.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "d7a27abdbe1a050e46ceafbb4c233810"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAUaZNiesOMlGRFZRzx%2B3bmgxjZI60XVj6m%2B%2BgPdffVk7hEuTn8xT1L2xqKzO72cdW7TgW0mZJxslhTAc4HXD%2BGJwrMgkNVYXHC08nLiFpKUtMs1R8zC5fvrSXpRHUaDEfuNjdvZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571eee679fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3234
server-timing: cfL4;desc="?proto=QUIC&rtt=16552&sent=780&recv=85&lost=0&retrans=0&sent_bytes=894531&recv_bytes=13905&delivery_rate=2742732&cwnd=312000&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=266&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 powered_by_logo.svg
login-csx.pages.dev/Login%20-%20SoFi_files/ 5 KB
3 KB 76ms
75ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/powered_by_logo.svg

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"abfcc415dc9b4da4aa49439bb8bf3e0c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g20fTX52pplRO29UPbvv0fSoEjOkMHoGVib8ip3IzJdc9MI8v8%2FXNbil4g1c577CdvxBYK6clXhqpg29cs3Dc7DoV23q9C5yoNzDwns7FeHdk%2BHddzwJZ9hbd7JcEKaJthcDSfds"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3571eee6a9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16493&sent=654&recv=78&lost=0&retrans=0&sent_bytes=743355&recv_bytes=13199&delivery_rate=893036&cwnd=242400&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=253&x=1", cfHdrFlush;dur=1
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sofi.com.png
fontmetrics.net/ 0
74 B 623ms
283ms Image
image/png 52.43.176.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fontmetrics.net/sofi.com.png?u=https%3A//login-csx.pages.dev/&r=&ra=0.6968820777337799
Requested by: Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.43.176.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-176-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

apigw-requestid: AadTTiK1PHcESSg=
content-length: 0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png

GET
H/1.1 200
OK tags.js Show response
st10.sofi.com/fp/ 95 KB
13 KB 332ms
30ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&page_id=1&allow_reprofile=1

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

db6563f105e99321092356cd5f62721caeb4a58f7f857367bd838ad2ff99e749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 12:59:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H2 200 devicer.min.js Show response
js.dvnfo.com/ 41 KB
42 KB 340ms
29ms Script
application/javascript 18.66.122.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.dvnfo.com/devicer.min.js
Requested by: Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-106.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

etag: "a9b687ac5b02886eefbb098c4495522b"
age: 40976
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 42146
x-amz-cf-id: 1BdU-Up9fsZGoNVIUO44sabywjTITpzJJyOMDbCQtJQnQiQIOOakCg==
date: Tue, 29 Oct 2024 01:36:05 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 10:54:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yqx2k/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/ Frame 6B69 0
0 67ms
38ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yqx2k/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8da3571f1a86b8ac-AMS
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 12:59:00 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=captchaCallback_338048
https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js

46 KB
16 KB

36ms
36ms

Script
application/javascript

104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js
Requested by: Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/
Protocol: H3
Server: 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8da3571f691a0a69-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 18 Oct 2024 17:38:58 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location: /turnstile/v0/g/f2bbd6738e15/api.js
cross-origin-resource-policy: cross-origin
cf-ray: 8da3571f18b80a69-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

saved_resource Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 0DD3
Redirect Chain

https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource.html
https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource

149 B
717 B

51ms
51ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8da3572098949fcf-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 12:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wsJPlZN5EEmwCey6td8H5yENjwP1l3eV%2F4eqxoahCOeMzOwRi4M2%2B8%2BNpIOZgM3iuizqfKLvfGid73s%2Blg%2BHPLtgMPgSmpWO54p%2BKePdjNQbvqXiQy1RfYStCatfURV3Q87Q3L2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16009&sent=867&recv=105&lost=9&retrans=9&sent_bytes=988251&recv_bytes=16460&delivery_rate=864343&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=516&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8da3571eee759fcf-AMS
content-length: 0
date: Tue, 29 Oct 2024 12:59:00 GMT
location: /Login - SoFi_files/saved_resource
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmBvyfMfI%2Fte0LEXEiNffao8SKsx5wujHjH0hmW3bgVLzrnRHgEUzQwavFNzDyYEArBqySJ6ZQXrCdDyEVu3SfGTdYWi0gxwPrB%2B0oty7FOBkYRGnQVmS4%2FGjqmPT%2BHEx9DBhh4C"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16812&sent=605&recv=74&lost=0&retrans=0&sent_bytes=688345&recv_bytes=12647&delivery_rate=272094&cwnd=214800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=245&x=1" cfHdrFlush;dur=2
vary: Accept-Encoding

GET
H3

200

saved_resource(1) Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7
Redirect Chain

https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1).html
https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

2 KB
1 KB

38ms
36ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c26662aa165b09133ec1e69f03327822ffcdeecb2e8dc3e075c3b14c816c5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8da3571f2ec99fcf-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 12:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEn3QJ589XvdhdntTOi1zM8zz6rxz7V3TCwUrcgapalevMTtFYzAsM%2BdZNY4ShbXsNl3p7psJd3HDzb0arWOqf2VDeg2hGdLVlrv7oJ8LOGbeEKhQFo1NXONU6Vy82CdIG5uygbD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16213&sent=844&recv=90&lost=0&retrans=0&sent_bytes=967616&recv_bytes=14136&delivery_rate=4662824&cwnd=442800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=275&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8da3571eee789fcf-AMS
content-length: 0
date: Tue, 29 Oct 2024 12:59:00 GMT
location: /Login - SoFi_files/saved_resource(1)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhh246x4J2vPTiaTIK8Eu%2Bsnvundj3D0fTZDitDtP1yNuHMcl4IhaLy9eOgPIdZO%2FIRMzpBgigWxIOzSLUD%2FBEa8RBb8wedMCo3dkxVxsYnmqfuAa1f6yZGKpa%2Bl0z6FdeswhPMR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=17014&sent=438&recv=73&lost=0&retrans=0&sent_bytes=489487&recv_bytes=12603&delivery_rate=12285235&cwnd=214800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=237&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3

200

HP Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 892F
Redirect Chain

https://login-csx.pages.dev/Login%20-%20SoFi_files/HP.html
https://login-csx.pages.dev/Login%20-%20SoFi_files/HP

22 KB
8 KB

55ms
55ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/HP

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2201480399508c818dda54ecbd092857fc348d9bca0f3cc2b7bc0dd269dbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8da3571f2ec39fcf-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 12:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fx27XEihiEGxOmfEMfKIQuYOlHdyPj3BYSrLEUbj1PQIJWeY69awRBfeRB0CnNNKngWM8guIY74UzWUVlXuU%2F%2F%2FykOomOLQFm1pQnHlvFLBm8G9W5%2BpOq4A9Bd%2BdgZcEWH4JngVB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16016&sent=856&recv=96&lost=9&retrans=9&sent_bytes=979920&recv_bytes=14414&delivery_rate=12846749&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=291&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8da3571eee7b9fcf-AMS
content-length: 0
date: Tue, 29 Oct 2024 12:59:00 GMT
location: /Login - SoFi_files/HP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jx6H8JmoYm8HniQN02kJnsTTFfTTCFdhflqmkIUrrc3qE628CafOl%2BP%2BixC9Gr6Xa7AApmbSm4hlKrcGLmIsqkn4TLvKtrfrm1SV1U9e8dn6Jxn6K%2BbXq5eJMsh70XmKU%2FrkXyMY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=17014&sent=437&recv=73&lost=0&retrans=0&sent_bytes=488856&recv_bytes=12603&delivery_rate=12285235&cwnd=214800&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=235&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login-csx.pages.dev
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 SoFi_Multi_icon_50x50_Ver5@2x.png
cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/62a05241-4d4e-4324-8fac-d84d73d9f38b/d89abae6-ffd1-430c-9799-990bf0faddbe/ 2 KB
2 KB 72ms
35ms Image
image/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/62a05241-4d4e-4324-8fac-d84d73d9f38b/d89abae6-ffd1-430c-9799-990bf0faddbe/SoFi_Multi_icon_50x50_Ver5@2x.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

content-md5: l+87OFbbL6ySRiFyfS2kBg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DB774CC29B3E51
age: 63277
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
last-modified: Tue, 27 Jun 2023 20:26:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8eb82d08-201e-005a-7d7d-225f64000000
cf-ray: 8da3571f29e50e94-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1648
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 TTNorms-medium.woff2
d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/ 19 KB
20 KB 312ms
31ms Font
binary/octet-stream 2600:9000:2251:2e00:10:8d:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/TTNorms-medium.woff2
Requested by: Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2e00:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login-csx.pages.dev
Referer: https://login-csx.pages.dev/

Response headers

access-control-max-age: 3000
etag: "3e26a26dab9abc3132782dba39642cab"
x-amz-version-id: H8qK4Wn88KLhqmfvNLbeFL_jAcQWtfY.
age: 4052
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-cache: Hit from cloudfront
x-amz-cf-id: nMdRCE6u-RQbPIY20UTDofKKHqlNL7KP2tKjKzwxs6zvcwsBxAd2xw==
date: Tue, 29 Oct 2024 11:51:28 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Tue, 15 Oct 2024 22:41:46 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=86400
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19760
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mkksk/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/ Frame 4A0C 0
0 64ms
61ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mkksk/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=captchaCallback_338048

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8da35720bcabb8ac-AMS
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 12:59:00 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 clear.png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
639 B 54ms
54ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fuWlsExxm5ivQHf0iUhP7oyqrqhAKKY9i6tEuOIodHvDqLtkEHUnKkMO3yzbMk0kW2HXCKpkcQLB9%2BmxqlSH5l8%2FuIN8rJVB3TKT8vVdsyyI7n2l1Btz3bBqjYGgWQQVyhcFDkP0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35720b8bd9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=16009&sent=872&recv=107&lost=9&retrans=9&sent_bytes=990514&recv_bytes=17125&delivery_rate=864343&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=540&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 es.js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 134 B
778 B 62ms
61ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/es.js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

079fac1c9dfc450804055fe738429eeff1643ee0ebf96026cc1f599942ef2a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "efe9e6b4d30ef9252925a06af7d0c8a2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dtTwVU3V4cj6Buxbe9eofKlwn19wwvifYyTcq7bE6jHkgIJRj1mCNMVqFJIpiyLdbGAmeqjyYb434iuMWyrkeQ%2Bm8yELvJNe14cakFPqn56fUK73uvWq0k2tWlPfQnlzI7SLOsnI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35720b8be9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 134
server-timing: cfL4;desc="?proto=QUIC&rtt=16009&sent=873&recv=107&lost=9&retrans=9&sent_bytes=991177&recv_bytes=17125&delivery_rate=864343&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=541&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(1).png
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 81 B
730 B 47ms
47ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(1).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b87004ef08cffb1fb9c44ce4fd1c0212"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chwdFYxybDPMoef7EHyD6jgrjTMzDsXsUg4nMf0OdCnN3Vo%2FG8tz48qlp3Itq%2F3seIO2gTE4ovGj35zFg3Jhf4TJaLDNyah2wAPxePK%2FtOv6j3sPsq%2FIAtX6UBAo7FjA5sFFUwLj"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35720b8c09fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 81
server-timing: cfL4;desc="?proto=QUIC&rtt=16009&sent=870&recv=107&lost=9&retrans=9&sent_bytes=989048&recv_bytes=17125&delivery_rate=864343&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=537&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(2).png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
641 B 114ms
113ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(2).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nobWkp9UkKn1zlRaxEnwulsbH6gbHb2e7lyxFbvnagp55JIinkY9%2BS3mSuvOn8k%2BXM5H3HmWDRWtujz4oUULV3ntHBQFTKUK%2BZm8F3F6X3awGvJ340r5hp96j0AVVUJqtgM7O%2FbN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35720b8c19fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=16009&sent=1063&recv=107&lost=9&retrans=9&sent_bytes=1218240&recv_bytes=17125&delivery_rate=864343&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=543&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(3).png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
643 B 43ms
37ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(3).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWoguWzdn2ZRM2wLBInoeiI5R1btmrU3iSkNFSKf5jPSaepU2nRXAV0Lj5rKRkqvfYHpqusEbKOxJeq%2BP3mvYX%2FPY9111%2FC5IxO1McCT0wQfLzSZn4iJD3bqd%2BHSdq9bVZYlLDaG"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572119389fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=19464&sent=1067&recv=121&lost=9&retrans=9&sent_bytes=1218980&recv_bytes=19307&delivery_rate=413605&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=587&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(4).png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
643 B 145ms
144ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(4).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6UdTwbdJ3r9MQRF%2BGb%2Bcny2H9zBwDNwZ5QduaE3LcoBYpdY7%2Bm1sNbW1ZLWSvJfN0Kz1djHHmIFf37B5cvWaVSerHA7Borbhf5ePMALqtCePM5oFgRDnp7etEXx2FDFnldaxLIa"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35721294d9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=17226&sent=1544&recv=145&lost=197&retrans=197&sent_bytes=1781871&recv_bytes=21993&delivery_rate=4792466&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=699&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear3.png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
646 B 41ms
39ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear3.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWIv0NWVSc3AHzP%2BZtEeUwj6EXvGIPBX%2FICFiKVCmCzIxskpQI7N%2BvQlwDv6uPBLpfXfwwbCUODcGjoG35xY%2FACdyRAqbInAbnP3N8eO19KLqocTmCPQGBExZiYac%2BSbiw7CajT9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572129509fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=19464&sent=1068&recv=121&lost=9&retrans=9&sent_bytes=1219647&recv_bytes=19307&delivery_rate=413605&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=594&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(5).png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
640 B 43ms
41ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(5).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IS4vWIgzzl2b6mILPVkY5VrlA64z2cgSRCQsPTU%2BcehWm5R7tNyBPvEX5pXTd%2FBHVETEzo1WQhkdNjVKVk2ExRpLq2ajH7r%2Fn3ab2NviAcs5XEJO8Qf663IKoucoxzyVSgnflGPu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572129539fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=19464&sent=1070&recv=121&lost=9&retrans=9&sent_bytes=1220988&recv_bytes=19307&delivery_rate=413605&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=598&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear1(1).png
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
647 B 42ms
39ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear1(1).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2avjoHhqV3J0iqGOPqVEgiwYuFTRXCJ%2B%2FP0KeMroTDm1StnxJikIpZ7Zwh5eS%2F1l9MHN5cwp%2FlwbPbcM6B0%2FvPWJycRMKpql3uw%2Bc5P9a7gzJ0NUMn7%2BRKe%2BXGpE9nYarF22MfFd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572129559fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=19464&sent=1069&recv=121&lost=9&retrans=9&sent_bytes=1220317&recv_bytes=19307&delivery_rate=413605&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=597&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(6).png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
645 B 85ms
82ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(6).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EooRnhFg6LF4maolkHRyXP8AG9f8hnJMyNu8Ai8vyB9mlkNuz9IVE%2BNksTduB35J%2B4V%2Fv91EjkeIGpQDdy0Z8z5brfp68wst3SfZR09og1vatCM1RWJ4uH%2FXnEizmiozVyyxg9ZW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572169b19fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=17425&sent=1191&recv=132&lost=127&retrans=127&sent_bytes=1362237&recv_bytes=21387&delivery_rate=3891653&cwnd=216972&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=641&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear3(1).png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
645 B 102ms
99ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear3(1).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6SvekbsWBTJ3lmQjBtftT%2F1MM%2BL6HUMa7VlFnGDXNlN4gfTkkdToS%2Bc3ZvE97N2dw9BJ9nDMNrV66oXxJZTYrrFF6ViKzGV4tizS6TEa0AKHpHon2S1RzdRGsBqIRtdOR8MjZ2u1"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572189e19fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=17425&sent=1193&recv=132&lost=127&retrans=127&sent_bytes=1363669&recv_bytes=21387&delivery_rate=3891653&cwnd=216972&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=657&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear3(2).png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 0
657 B 101ms
99ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear3(2).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2BamHTGYp61Hbi9Z%2BroLhR7TsJso7D%2FEwmfX0%2BLyRllxF0heU%2FCljSMInC6BZa98dgY%2FZvBD7XNRHL6%2BpXIUXtRGRNLBLQRm%2BWU4%2B5PYUz%2FFhlThQSl9Adnhj8cQe1TI9znyH%2B8T"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572189e39fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=17425&sent=1193&recv=132&lost=127&retrans=127&sent_bytes=1363669&recv_bytes=21387&delivery_rate=3891653&cwnd=216972&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=657&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(7).png
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 81 B
739 B 100ms
98ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(7).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b87004ef08cffb1fb9c44ce4fd1c0212"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nf88YXSlPnbOdbAYP6N3ygX8AQuiKt7GDgfk4%2BX%2FyCTkZmfUH3WSrzGGgEgkeV9kEqnXnNhKPFSAWfZB%2BE5GfEMv%2FvROnoLzhBbzGWSvftxYQcxH%2FK5vr5UBZ4VUFFROjoTgsaD8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572189e69fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 81
server-timing: cfL4;desc="?proto=QUIC&rtt=17425&sent=1192&recv=132&lost=127&retrans=127&sent_bytes=1362906&recv_bytes=21387&delivery_rate=3891653&cwnd=216972&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=656&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 check.js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 04B7 397 KB
398 KB 106ms
104ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/check.js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

430052c76cc922dff1176f4d5a3070526db475ae6a4c9d863c0bac35118d12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "a3ee081ca1ab1901efba8335e12383d9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3v%2Be1DIWMgQPGVt8tqdST%2F5SXHJwFg%2BKq2J%2Fb%2BMRDBKHOHmee%2B9J1C%2BqQdlemSrUziPQx%2BSBz4m6m5dLTcEy25LjHv71XXq7zIToA1RC9%2FaUqG%2B5YEQY7K3F7IYj%2F7lXJ5SQSf55"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da3572189e89fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 406469
server-timing: cfL4;desc="?proto=QUIC&rtt=17214&sent=1195&recv=133&lost=127&retrans=127&sent_bytes=1365019&recv_bytes=21431&delivery_rate=34586&cwnd=216972&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=663&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 check(1).js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 892F 215 KB
216 KB 52ms
52ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/check(1).js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/HP

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92cb567a8664f14bd017573f79ca0ad1414c318a97f66681524111b4bb517215

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/HP

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "d24aa9c1d62301642395e2f0c47c6ff5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1nvULvFMUmgqMMK7flnpEdGrlUZuAblwb2cF5aXyRufzCdgjOeEQWc18Xq6QR%2B7g%2FwGcSWyEnbGSGs6rOWvGCrBgsupAoIUrq8S93clU7oBLZUpXAxoUB9%2BEQ7qGMmclF8O6ib7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35720c8cb9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 220506
server-timing: cfL4;desc="?proto=QUIC&rtt=16009&sent=874&recv=107&lost=9&retrans=9&sent_bytes=991979&recv_bytes=17125&delivery_rate=864343&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=541&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ARF Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 892F 35 B
688 B 42ms
41ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/ARF

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/HP

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc10458f3da34e07a6e8314a21f932b30ff26f77dfe79cb6c36eb07234c3da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/HP

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "c914b6acef41fb6cbc52a065c5c5bbf0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCtAjqC40blPpkh8Qm%2FNa3tU1s%2BpZRSvjCK2Pur%2FUDDL4%2FYK9zoLS5D2LYQ0fxE91EgQBN3n%2F%2Bt738jdWUJwiNVV7dWm029QVlElojsoEy%2FHiK5CTDY2jfsgf5PZ4%2FaGH%2FGaSLfQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35720c8cc9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 35
server-timing: cfL4;desc="?proto=QUIC&rtt=16009&sent=871&recv=107&lost=9&retrans=9&sent_bytes=989802&recv_bytes=17125&delivery_rate=864343&cwnd=309960&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=539&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 04B7 81 B
474 B 16ms
16ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=oiwd0wpz&session_id=d78a55b1-490e-4bde-9fcb-28db46011971&nonce=56e34aa4385c2403&ck=0&m=1

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Date: Tue, 29 Oct 2024 12:59:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H3

200

ls_fp Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 1527
Redirect Chain

https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp.html
https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

99 KB
16 KB

75ms
75ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf42b8c9fdc4af3c81d6f65a23307dbdd32de18248c9b8d4dddb3db6d5cab55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8da357226b0d9fcf-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 12:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lyc15cO%2FU1xj3yx4%2Fs0cbwf3pKYbIOu7BsL4zCmCDqgDudZg6iU1ycuYQsCAxLCVC0Hc%2BOOm773UdygZK%2B0PlHnCCZ05PToGQRmpv3z3xMSJDM8jDaoTeZqj5Exz2Trq3pFrO7LZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16345&sent=1624&recv=164&lost=197&retrans=197&sent_bytes=1868394&recv_bytes=25319&delivery_rate=51404&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=837&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8da357223abc9fcf-AMS
content-length: 0
date: Tue, 29 Oct 2024 12:59:00 GMT
location: /Login - SoFi_files/ls_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YtE8NhrA5Z0ooLowzYQSYO5EvobgkYKP1yyIqdJVNqkfsxY0mSgD%2BZFk9EEPsDNajI5ZXz8lqekoljfjUZtRw2DBratiMy3MgiMU%2B14sFLaIc9Aef87o6lYFMN4q%2FMgsfn10E4T"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16284&sent=1621&recv=161&lost=197&retrans=197&sent_bytes=1867095&recv_bytes=23960&delivery_rate=6285754&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=760&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3

200

sid_fp Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 6884
Redirect Chain

https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp.html
https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp

110 KB
17 KB

89ms
89ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d2350225a4fee2f14cbba05ebdb555c906b10f29143c471c8addbdff40f8f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8da357226b119fcf-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 12:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NifFNHrZYK20%2BjxFGwE9cf6kdT2fyUPxhx%2FpeAkLpt6HV0VzD2LwZ7voNS%2Fmock403sSvFuDyVyrVwhjJvZ7EexQA3Z4KNaV1ALpEoyLxpgsKBvheqmk0v01C%2BpR0h%2BA8hRaEZp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16345&sent=1640&recv=164&lost=197&retrans=197&sent_bytes=1884843&recv_bytes=25319&delivery_rate=51404&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=851&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8da357223abe9fcf-AMS
content-length: 0
date: Tue, 29 Oct 2024 12:59:00 GMT
location: /Login - SoFi_files/sid_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqDvrReweDW1E4Ym0ao0eWGzZ5rOmefhdwhnrlAeGxj9NQFG6hyQLO6Lz9KmVTgd%2B52DQfIp6uiY0fUHRaqpkE3%2F2fOj7ezbw%2Fv6UkR4vLGiTD%2FMYAnIvTypmhPqS0CsDfb8nOWW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16284&sent=1621&recv=161&lost=197&retrans=197&sent_bytes=1867095&recv_bytes=23960&delivery_rate=6285754&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=760&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3

200

top_fp Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame EC2B
Redirect Chain

https://login-csx.pages.dev/Login%20-%20SoFi_files/top_fp.html
https://login-csx.pages.dev/Login%20-%20SoFi_files/top_fp

97 KB
15 KB

100ms
99ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/top_fp

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e400ca375e8867f005e84c0d80362858465d14b5517eab70ee83e01250dcb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8da357226b0a9fcf-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 12:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ky%2Fxuq0llv8%2BAbTEsjfHK8w2QPKxqrbW8KxV5GKAOo%2FuOJZI9LR1hkZL4NUtQ4SuD5yiDnSsVsG%2FtWmFs0VaDq00J31U2%2FC3hjt5Bo%2BJ8SDp40i%2Fglxi9CG3fxyA1uvhWyXsEOMu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16345&sent=1646&recv=164&lost=197&retrans=197&sent_bytes=1891010&recv_bytes=25319&delivery_rate=51404&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=851&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8da357223ac19fcf-AMS
content-length: 0
date: Tue, 29 Oct 2024 12:59:00 GMT
location: /Login - SoFi_files/top_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMD%2FxUFBlcGbW4mAUDiRSX57lKS3YecmG%2BAe%2F5SXebosYUUcREO8DtOXWYL5%2BRbNmsoTTH1kh7wEcCdXd2W46llO4JKqC03WMlsxCmMRQMPQU2PlZH%2BUHag7ToI5rHoSqK1uzGeY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16284&sent=1620&recv=161&lost=197&retrans=197&sent_bytes=1866455&recv_bytes=23960&delivery_rate=6285754&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=760&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 ingestion Show response
fp.sofi.com/api/ 207 B
1 KB 342ms
296ms XHR
text/plain 104.18.38.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Requested by

Host: js.dvnfo.com
URL: https://js.dvnfo.com/devicer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d1d9381f6d7c139e0d5314c929f87437cd30b8cd12455e2404aadc57005391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

domain: BYFxAcGcC4HpYDYHsDmBLAdgWgMaQB4B04AhigKaSEAm5AbkA
pkey: CwZgjA7BDGBGCcBaW0AMBDRwz1Y+ATAQGyIFgCsAZlRPBemCAUA
attributes: N4IgzgJg1gagpgJzASwPYDsQC4QEYB0uIANCMmAMIZhzoAuy6A5tnQgK5ykCGdbyAI3Z04YbKAYBbOAFV6yADYVuChdhABWAJwAOEiHY0EAQSa066gLKoAXooXcA9BvwAGAAQAKABq5cAbncAGUZ2AA93MJ0ANgB9aIAWAEp3YwAHNIU4AHU4AQBpZDpnAGYAdnwS6K98gAkAFUsg4ncFZCg4dwBxOABjKFQUigALBFRpR1wS1zdZjwBlbgAzbgRkUoqq-QB3PIg1gDdEdRWFGn0HZnZuM3V0BQBae-1e1AVUBAARODS6YfUAEwJfQQOAHZC9OCWOCSD4AT3UelIaWQYTgCgASrw0OoiMjUejvr9-jggfoPshzNiMPU4Wk4OpLhAwL1uPSHmk1pJVgjSMNVhBtqs4FR0L12AgELRegjScDSKhhIgMaI3sI0JgcLhoq5XGFcACdBodowIKhtiqwGqGBhcTq9QbdfoWVLaJbrRq7br9QCnTwDtxFNwBFl5r1Xeh3Qp1batfafX6QFI4DYMHAAPJLJY0Cw4B46-TJ1PoBk4ACiEtQ9McxkkYBECAg3EkztEKAw8zoHxupaTHAZpHerIUne7txwbE4+lNcDREE+AnUk4HIG4EAgACE4PzwR8Tipzgr6ehPrxg9xzjhToeQJleEsPi2cCF0OFIjF4vLb9GmIwxDgAAVPgAMXcGBKV2BAAB8AI+OhgyydxPlQcVpHodxgMfXgoIAHjZTIIWpdBHDSCAlig0iln8EQwmKSiKLIgA+YgRjGaR3CA0DwLgSCYLghDOmQ1DzAwrC6Fw-C2lZG1iPoyjqNnOiyIYpZmNY8ZkHYSQOJAsCIMQPiEHgkNBJQrSRMwhBuXEvCMikoiSOU+SaKU8jKOYywITGK0ljodwywgMwdK4-ToNgoyBKQsy0L8yzrIkuzCJkxy3LIhTaJSlTmNyAoincIRFDoB5GGCwzjMQoTzPQuLsNsgjpI1TLnMUpqmJebh0ADMBslNRgWBwOFRHazqL2AvrEE5RhcxAJt4KwZBuTMEjmH8AQLzgRJiDKaIyjgHRcFcDQlgECBIVwPolgBZZogBE6Em4XpXASX1uB2PImAUMbmAmtZ6BOCASh0XUNA0AQNFcJYEgELMEkSbgjogAElgNaIIDKMoljegQPrLWjaHbdB-xAYwADkuiCMtYj-eCxTgCBYlWBBuDhMB-DLbx6liEz0HpyRGG5MI2Y52JejaNIRYwNg3iFznXneBAufYLNEFifkFCWWIlneXgZdiUFiRFhxJDSXWtdQXguayHnTaZpg9Z+P5dbSN44SYDBYlQLMc0N5sTfZzmwH5UEFZciU4Fid4IF10OpQl42pTAAmud+Xpo8UsO485NsNViBAmDoVP-diGPw6WQqVY68hUCllFC+FkvYj5yUPh943i9QWI6bMXWwAxLoN38dMy3mTushiqmednWJ2Cmwfh81gQO6lSeFb5tJuRNoeR-rDqm0be3DmxI5Wa34v09js2ddPhvL7oCPGDgVY55Hhu1Y12-n7P2iM7fzXtbvtoJYn6nyOEZKejNmYewEAAKz6HQfw2QywbnJhLeWitlYKw-og5BQRM4JxoPTBuF4C4IKQSg148c2x0y-nQDOcASHYPIeMLOidqEN3ob0AIjDcEUJYQQmhGcwAlAYWQnhzD8FsPPuHIRBdYhgDzgIUhOD7ZCDtsvYOKtGAPiUSg0Eqi5FB0QKzbh9sDYlx0bg-Y3BtjoKWEYixEdUA0AlvQRSDjJDsAUAwPWTNtgOOdgoV27tYSgixh9eASBPQ4ByuTdwBAPCeHTMeWJw93AAjcO4dSfMtJJDCZiWgGiEDqByoUPyMSgh5PgDzPc0S8ilLyXIbkYAOgQBVCvY4OAACSriFDuE6WsMA7gkm0BScwB+DT0BNJaVUs0RSuk9L6WKfAeTOzSkUBuIoRNXArKDn1IIHUmDXDMBEgmxS8ixPJvMII-l5hxIyYk5J1zUmXKebc+JmTRgaRyXkssYySzQngrNbgtQLwkhAGUYMJ11xIyBNEOAJQAQaBKAIHQl1oiorsToHQEBojwx2WuRAAK1xnhBYHdQEAEi4GJQkVwt1cA6F6NEFFFK7HowSIjIGoNegJCRCAfkYAQh032VcHsRNlz6H5YK1pqpowyX3GcFckrKQQHTETa8iqLxSo3GMbYRh5U3gFvURUvRhiwSmls8k6AjXsBNZ2VYdB5jsAyHBOm+qVxdhtcMMsRx6COudWAiAbr9DcHYBAHEWogRuASCUBIZQNAAjjdqVwZQvy7AEBieoFB1AlAIL6BIhB42EC0MaUgrxUBQEpL8gSgaJz9guChFQo5bYilQOWyk2BXyqAVGsX86AZBrHUMMPgaQwBYEcI4d4vaHi9DAGEfAaRRX4FBAcRw+gpR2MlIgftyB1Awl+LyEAD56BbOILgYgAJT06HPa4c9Z6AQlHPQkc90RiAaBfRoMor6tDEALKQCAEoiKZmUKobAAJ6WkGTETQwiBTDmCwO4G97htBXqQ7oKC7g02fEOIgeDiHkMtGQ+hy4hyey4YI7ocjOh0Nyw+ESP4ZHUMocI+4ZdEIoQwnhAx-DjH0MojRJiakXGKM8fcHxwkDthhCaY2h9wFIqQyVpPSKTlH0NyfoERYwzAsjKZE-yRsQopSinFJusUcIdPMcVA2KMMZ0DmZk9sU05prMyTs1R9wLo4BuhlTZ1z6HuABiDCZMMEZnMal8+4IsaZMzZnoeFyLJZ4MvsYy0HUCR0M0EThqJtpGEMpaenltLrQG0ji7M2+DZ73CpbyxodDM45wLgYzqDQ1W-Pri3DuNACBGuHRa7J48p5jLrW681yrh1qNpHYBQBwidhu9bvHQB8VlZujZqyx1AJNq71CZv0ZbTXeM-j-Ltsb7hWQjW6r1Zg8GH0rby2507XUvpmAQJNeg8HP2jZQ9EXAq200fUez9Ka5Xv2Ve+ylmN6HfsKFxiIQmGpR1xLB0+yrJQfvvQUCcsLuXkcjeiCjiHaO2mFMayjsHqPsbo4KR8YnOO8cYbR40i8LTCeIBwwj7HYPoj4-Jwz5pdMZlU6x7jpLQuucfVWWKdZmzifC6qKLkcuzmDCpI8coxmPENC453L35vb2OApJaCq7HOwdaDl-MQxCAiVAtJZJtnuPgeJFcOhpVQqDlHNEI1mlKWaVO81cq0LGAPfq+9+4Z3Kr4dB4jz7gVyrtXmiMOVr3QfcDocNca01qBzUe4q4kZPsmrVp7tUZP1zsA1Z697nj1JrvXmGLy6iAZfKuUr86GtA5WL2N+z0irnGaKBt-t0iloZQdAAmo62itcAq0mXr1jof13Z9EeK9lswVA21wAY7PwfOgSiqZ7Ywbd6+t+b+3+4ddiApQIH3zPw-7h5-uCPXQeHiLN9I6BibzJipXEQHcPUBaa+0muC0BAAAF8gCgA
Referer: https://login-csx.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: 004fefdb-3d9e-433b-819e-1c770ceef8e8
x-envoy-upstream-service-time: 44
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFOgv42hL3QEW17V%2BmtCP%2BaMUW8Ibwg8sNfts1cdlaNaVJY%2Be%2F%2BQ4TDafe%2FPSARKrB0YaRHQ4cqH3q9rX81Vm1TSXkRaizMpnDfhSIjGugSh07XMyJujhglJSedS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8da35724591cb94e-AMS
access-control-allow-origin: https://login-csx.pages.dev
date: Tue, 29 Oct 2024 12:59:01 GMT
server: cloudflare

OPTIONS
H2 202 ingestion
fp.sofi.com/api/ Frame 0
0 233ms
179ms Preflight 104.18.38.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: attributes,domain,pkey
Access-Control-Request-Method: GET
Origin: https://login-csx.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attributes,domain,pkey,tokenFormat
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://login-csx.pages.dev
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8da35722eeec663a-AMS
content-length: 0
date: Tue, 29 Oct 2024 12:59:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MfeT3x63Tu%2BkT8GGXLBIzytBLHMU0JuwjGlBY%2BeAU1gh30Un0TSNZB33%2Bdqf%2FooR7Z4QJh4o8rGO8zsJNfcQpFPM7yIW0MRfLJIOPCsaZQ5%2FANWzfgCR%2B9lEfECo"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1

GET
H3 200 clear(8).png Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 1527 0
646 B 38ms
38ms Script
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(8).png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBBNZQjwTn6aKP80R0D6r4Xk8rOxBycy8fJe%2BgwANw9s3JC8MHqW2KlIk2s37Z72gjBJfMbKOA02JrMFSe4%2BbQN8BrnsFT386UM1dpPpN4AxkHZj%2BGXyXMokuWjEFqKv%2BGPn2DNC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35722fbfc9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=18930&sent=1673&recv=172&lost=197&retrans=197&sent_bytes=1918488&recv_bytes=26604&delivery_rate=608216&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=879&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 es(1).js.download Show response
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 1527 134 B
792 B 40ms
40ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/es(1).js.download

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a764390bce88dc7824b60dd9a5e63810a2cdf1af4ebbd5df8626c2a6dcfda1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b7f4ffb7f98480a468977aef11be510c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42MQGEzwK6E4m0CRKD5CBEZptpy1pQ8wq%2BjabwgQDCTkrWWcZQq9PJR%2Ftl%2B15lkdSS03BK5Lmogu%2F5ootrxspycTkRvvWXzQsU1NW9uYVy8L%2BLVJslSUa%2BP561SCSDvqX5qCSD56"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da35722fbff9fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 134
server-timing: cfL4;desc="?proto=QUIC&rtt=18604&sent=1674&recv=173&lost=197&retrans=197&sent_bytes=1919158&recv_bytes=26649&delivery_rate=417464&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=883&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear1.png
login-csx.pages.dev/Login%20-%20SoFi_files/ Frame 6884 0
648 B 34ms
34ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-csx.pages.dev/Login%20-%20SoFi_files/clear1.png

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7Gdkiwhg%2FHX%2BKT9P3LUoQvYZNf6D1zdUwnjtpOq3Se2QGdRb36il2bVYkxBQjPAKX0RXnH9hNGqDZqJ03jzhWtDiXBsgiA%2BQJCG2pH%2BihqlVbt%2BiLLBMBX9tctvYWWyjF1E7EXo"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da357230c259fcf-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=18604&sent=1675&recv=173&lost=197&retrans=197&sent_bytes=1919974&recv_bytes=26649&delivery_rate=417464&cwnd=151880&unsent_bytes=0&cid=5f61f1f1e1e239e5&ts=895&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 12:59:00 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 204
204 clear1.png;CIS3SID=68302C8507A09256888A1B670B36D55C
h.online-metrix.net/fp/ Frame 6884 0
401 B 62ms
18ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=68302C8507A09256888A1B670B36D55C?org_id=oiwd0wpz&session_id=d78a55b1-490e-4bde-9fcb-28db46011971&nonce=56e34aa4385c2403&jf=343330267369665f7a6e6c3d746c725d5a7a3140567058386e67653b556c5347267b6b645f666974653d33373b303a30363f34322673616c5d767b786735776762386563647b6326736b6c5f6b657b3d3b303d39333831313036383f30633a3e363063673366303230393236303a3a61383636386b653b64303b30333037383b36303238323c373137673133303b606663643d3763373b3831623a38346c383435363c3f3260356a366d34316661366361303a6332303165633466373f363132373f61633633313b333b313b363e3166373539653130633831313c65336230656b306d36336d36346133383b3a63316b326b313330636332336c603064363836386264313d352e73696c5f716967353b32363438303a313230643062386d616163333f39323831616e616a35616c643334346b3a3664616e326a3064343b313566303266623130366364643169313036353136353935693f3432303a3338306731643931386c303962356b61306566303b363e66636d336135616a3e36633a38376a303b343665343130323463303b35396137366b636b396531313739366d2e716b647a3f39

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/sid_fp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame 1527 0
398 B 16ms
16ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=oiwd0wpz&session_id=d78a55b1-490e-4bde-9fcb-28db46011971&nonce=56e34aa4385c2403&jf=33342e6c73623f653e666a65653e666432656e3c6763616a673e343b35643337366c6432626431

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=98
Date: Tue, 29 Oct 2024 12:59:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK es.js Show response
st10.sofi.com/fp/ Frame 1527 134 B
655 B 35ms
19ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/es.js?org_id=oiwd0wpz&session_id=d78a55b1-490e-4bde-9fcb-28db46011971&nonce=56e34aa4385c2403&fr

Requested by

Host: login-csx.pages.dev
URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4c3bc1a97aea8af9e2192a12a5b1876ac8d912170cabd03681d1faf7bbd900a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK check.js;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573 Show response
st10.sofi.com/fp/ Frame E248 364 KB
66 KB 29ms
29ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/check.js;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&jb=35302e2468736d77354e6b6c7770266a7b6d3544696e757024627160753d416a706d6f65266a7b603f436a70676f67273038313338

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&page_id=1&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

36573d44d8e1d2e14e82744dfa76edde1c5175721a185bb4349829cefc0435f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Date: Tue, 29 Oct 2024 12:59:01 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
tmx-nonce: e47229dbdeca8647
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame E248 81 B
475 B 17ms
16ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H2 200 favicon.ico
d32ijn7u0aqfv4.cloudfront.net/assets/icons/ 15 KB
16 KB 93ms
28ms Other
binary/octet-stream 99.86.1.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-157.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ae398dbea814491b5f373fa25680e1a7cfdaa9f293e949d89495af91f1bf00d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

x-amz-version-id: WYotLR2IlXrB_IjVQJtvSQ16BNJMDvt_
etag: "3614d0a26a831df997f00b03a831e285"
age: 30412
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 8MqeU0yOpWr9oY_eJUQ23oj5sGhp7xtC_kAUfGGImlI_4C-al3SLAA==
date: Tue, 29 Oct 2024 04:34:59 GMT
content-type: binary/octet-stream
last-modified: Mon, 07 Dec 2020 14:42:31 GMT
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 15406
x-amz-cf-pop: FRA6-C1
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
server: AmazonS3

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame E248 81 B
474 B 26ms
18ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK HP
st10.sofi.com/fp/ Frame 37DD 0
0 47ms
17ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/HP?session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&org_id=5ugj8dr8&nonce=e47229dbdeca8647&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/check.js;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&jb=35302e2468736d77354e6b6c7770266a7b6d3544696e757024627160753d416a706d6f65266a7b603f436a70676f67273038313338

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: nl-NL
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Oct 2024 12:59:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame E248 81 B
535 B 52ms
15ms XHR
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*, 5ugj8dr8/e47229dbdeca8647ee9c3066-2c2b-4d97-9501-7863e52b7bb4
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private, must-revalidate, max-age=0
Etag: 55f7e4909d8e46fba20307bab0b8f156
Connection: Keep-Alive
Expires: Sun, 28 Oct 2029 12:59:01 GMT
Access-Control-Allow-Origin: https://login-csx.pages.dev
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 12:59:01 GMT
Last-Modified: Tue, 29 Oct 2024 12:59:01 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK ls_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573
st10.sofi.com/fp/ Frame 53D8 0
0 58ms
19ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/ls_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Oct 2024 12:59:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame E248 0
398 B 21ms
21ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&jb=33362e6e71613f673e646067673e66663a676e3c6561636a673e363b3566313534666432626631

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=95
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK es.js Show response
st10.sofi.com/fp/ Frame E248 134 B
654 B 21ms
21ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/es.js?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&data=AAzwphUnSulMR2PXovB8mCnWT0rUa_rZg1QfYMprm2C4GTTxFiMKLKLvfPMWHmKjAGj-briGcug7fOZY8K_F6i63BLlQ1Q

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e8b6e0d468f08e9da609e96947aee1d195201ee456407337b50200b07ec4a0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK sid_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573
h.online-metrix.net/fp/ Frame 2326 0
0 52ms
20ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Oct 2024 12:59:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573
st10.sofi.com/fp/ Frame 1919 0
0 33ms
19ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/top_fp.html;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login-csx.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Oct 2024 12:59:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
h64.online-metrix.net/fp/ Frame E248 0
399 B 812ms
163ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h64.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&i=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 204
204 clear.png Show response
st10.sofi.com/fp/ Frame E248 0
218 B 22ms
17ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&ja=323039302426613f3e3224783f3e30266e3f393e303078393038322461663f33343232783132383224737a7b3537327a37382664787035392c3136383224333030302e333432322c313238322e313432382e333032382c313e3238243132383d2e3d322e3530246f763f3037663539663131363b6d346064303839623e346a6c3338376a326964316334246f6c3f302673636c3f3034246e603f6a76767873253b432d3a4625324e6e67656b6e2d61717a2c726167657b2c666574273a4424726e353526786a356d3830326c6469373735313b31643667626538313b31656036693b3b303b386426606a35393138323e643d613334643a643160356334653a613b3566376e63673566316226627167354c696e7d7a2e6871623d416a706d6f6525323833313024687b6d773f4e616e757024627b62753d4b6a7a6d6f65266c6a613f3034266e6c6f3f38246c6576723f322e747a6c3f4d7d726f706d273a44436d7376677066636d266d69766a723f3638323166336b32626d61383a6536636b373e3232383263663337373430316e6636353a3a39363366346d61613a366c6b3934616e606c3530333131333b3463266472356a767472712d314327304e25324e6e676f696e2d6b71702c72616767712c66677625324e24723d726e7d656b6c5d6e6c617b6a2d3d45666164716d23726c75656b6c5d75696e646775715f6f676c6b635d726461796d702d3d45666164716d23726c75656b6c5d63646f626d5d6363706d6a637627374d666164716d29706c756f6b665d7375696169766b6f6525354d64636c716729726e7765616e5f7b6a676b6b77617e672d374766616e716723726c7567616c5d72676364726e637b6d72253d476e696c73652972647765696e5d746e615d706c617167702537476e636e716729706c7d6561665f64657e6364747025354764636e71652170647765696c5d7b74655d746165776d702d3d45666164716d23726c75656b6c5d686176612d374766636e7b6724656e57633d7f676a6f6c57656a4544273030312c32273032284f706d6c454c2730384751273038322e38273a38436872676f61776f29576760454e2732304744514e2530324d51273032392e302d3038204f70656645442730304551273032454c534c2d30324551273a32332c322d32304b6a7a676d6975652b5f67604b6976556760496974253a325565604544434c454e4d5f6966717c696e63656c5d6970706179712731402732304550565d626e6766665d6f6b666d6170273b4a2532304d5a5c5d616c69725d616d6c74726f64273142273038475a565d6b6f6c6770576a7566666d70576a636c665d646e6d637425334a273030475a5c5d6667727c685f6b6e69657025334a273a324758545d646e6d63745f6264676c6427314a2730324750545f6e70696f5f6465787660273142253032475a565f706f647b656f6c5d67646471677c5f63646365782533422d3038475a545f716a636667725f746d7a76757067576e6d66273b42253a324d50545f746d7a7c7770655f616d6f7270657373616d6c5f60727c612731402d32304d5a5c577465787c777a675d636f6f7270677173696f665d706776612d314027303845585c5d7c6d7874757a6757646b6c7467705d636c69736f7c706d706b612d314027303845585c5d7c6d7874757a67576f6b72726d705d616e616d7057766d5f67666f672731402d32304d5a5c577352474a273b402732304d47515d676c656d6d6c765f6b6c6c677a5d77616e742d314a2d32304f4d515764606f5f70676c6667725f6d61726f6172273b4027303247455357717c696e64617a6657666772697463766b746573253b402732324d4d515d76677074757a67576e6c6f617c273b402732304d47515d766578747d70675f646e6763765d6e616e6569702d3b422532384d4d515d74657a767770675f686164645d666e6d69762731402d323047475b577465787c777a675d68616e645d646e6f6174576e6b6e67637a273140273a304f4d51577e6572746d7a57637072617b5d6d60686563742d31402530325f4740454e57636f646d7a576275666e677a5d646c6f63762731402532305f4740474e5d6b6d6f72706d73736d66577c6578747d706d5d63737461273140273230574d40454c5d61676f7270677b73656c5d7c6d7874757a67576776632531402730325745424f4e5d636d6f78706771716d645f7c67707c75726557677c613325334027303255454247445d616f6f727a677171676c5f746d7a7c7d72655f7b317c61273342273032554742474c57616d6d72706d7171676657746570767d7a655f733b766b5d71726760273140273230574d40454c5d666d6077655d7a656e6c677a6d725f69666467273142253032554740474c5f6c676075655d7b6a6366677a73253b402d3a3057454a45445d666570766a5d76677874757a67273340273a325547404f4c5f6c70697f5f62756e646d707125334027303255454247445d6e6f716757616d6c766d78742d314a2d3230574d404f4e5d6d756e766b5d667261772d31402530325f4740454e57706f647b6f676e5f6d67666d333426676e5d6a3f3a3666336b3a36613a353960363a676964383c3431696434613f603d61343038603a6366373531362e75656c743f416c76676e2d3230416c6b262677676470354b6c74656e2730324b7269732d30324f726766454e273038456e6f6b666d2663636c3f3c24656c685d6a3f60343335666c613234666738606330616966373d663d696565636b3b3c373634663b373a32613035&jb=31333c246e713f4f67786b6e6e6925324e372638253230205a39332733422730324e6b6e75782d3032783a345734362b273a30417872646d576562436b7c2730463531352c313425323020494a544f4e2d30412730386c6963672d3a3047656b69672b273230416a706d6f6525324e3331302c3226322c32273a30536964697a6925324e373b352c3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=97
Date: Tue, 29 Oct 2024 12:59:01 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK clear.png
5ugj8dr8p2p65btwine3nfzsn4vynwlqmee2e2ume47229dbdeca8647am1.e.aa.online-metrix.net/fp/ Frame E248 81 B
438 B 113ms
21ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ugj8dr8p2p65btwine3nfzsn4vynwlqmee2e2ume47229dbdeca8647am1.e.aa.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&di=yes

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 204
204 clear3.png;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573 Show response
st10.sofi.com/fp/ Frame E248 0
218 B 21ms
20ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear3.png;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&jac=1&je=38342e246f65666a352a3127304b31253a413b2d3243313b633b6331386460613a60353134346e613a3237303f633633343b36316e3430303338646c363a3364396566343566613565333a34633632363e316064643029

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=96
Date: Tue, 29 Oct 2024 12:59:01 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 204
204 clear1.png;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573
st10.sofi.com/fp/ Frame E248 0
400 B 19ms
18ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear1.png;CIS3SID=1FF4BFE5D4CC02BD62A24A798880B573?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&jf=343130247169665d7a6c663f766c725f61573c6e656a636a743b5a5750664a6a24716b645f646976673d33353b323032343f34302e71616c5f74797867357567623a67616671632673696c5d69657b3f3b32373b313831333834383f3261383e36306167336432303233323630383a633a36363a6b673166323b30313835383b34323038323c3531376533313231606663663d3561373b3a3160303a366c38363d343c3f3062376a366d363166633461633a3a6332323167613466353f343b30353f61613e31313b3139333b363e336637373b67333a633831333c67316230676b326734316d36366931383b3861336b326b33333061613031666030643438343a6264333d3724716b6c5f736165353b30343638303a3332306334363364613737356c63363530303f613530326a6437693069383464613f333f3763356432303b60303465393832373560673c333566323d323769643c3f3530323a33383266366130353467606164313b33366131376b3060313438643738323a3066306130603d3b6130323a616130613739646b363333643b69676136646b64626e3a6e2e7369667a3f38

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame E248 0
398 B 18ms
17ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=ee9c3066-2c2b-4d97-9501-7863e52b7bb4&nonce=e47229dbdeca8647&jac=1&je=36383924246a646c35313a24686e683d3c663e3b63303838316b67353639313b606460636366313a606537333935313424626674663f383234393a3b3a2e756b693d3335302c33372e302637352c333226362c3b3426323430247f6d693d33392c3a32362e3137302c333b35267761343f6666606e383366313f3a626a673832303a37383832643a26706f3f6c6d246261747b763f2535402d30306e677e656c2d303a2d3341312632382730432530307176637475732d30302531432d3030616a697267616c6f2d3232253f462e637764683f616335603965366d343a3161616961346430693763393b3a313336333c346a37613331353b3460366438646c363a3632323b3a6467366e30336e616c303435392e6770313f633131613667323539653033663035356e3164666038643830356931383434693a6a67613363316024677a343d633f3a35343030306363643b3a373438633b6a663565383b6a67643637646132247761683d2d35402530306970616a6b7c65637c777a6d2532322d31492730322530302730412532326a6b766e67717b273030273b41253a302d3a3225324b273a306072616c667127303225334927374227374c273041273a32667d6e645e657273616d664e6b737427303027314125354a27374427304b2730306f67626964672d3a3225334964696e71652530412730306d6f646d6e273230273b432730302d32322d304b2d32327064637c646d726d27303027314125323a27303227304b273030726461746e6d7a655665727b6b676c27323227314327303225323a27304327303a756d75343c25323a273b4966616c7b672d35462675636e3f27354225323a6070616c667b273030273b41253d402d3d4425324b273a306f6f626b6e6727303225334964636c71672d304127303a706c69766e67726d253a302d3143253230273030273744

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login-csx.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=93
Date: Tue, 29 Oct 2024 12:59:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SoFi (Financial)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
st10.sofi.com/	1970-01-21 10:12:46	Name: thx_guid Value: 1604a40f3bb1f51b18941e53bfae965b
st10.sofi.com/	1970-01-21 10:12:46	Name: tmx_guid Value: AAwzxMCZ3q7tysIsmdxoD-AkFWurdKmt27JTPUlHhtulNWhjDdb2tjrABDi2KXmOWHJWN4tUxeASyVAUpoAFxGcrRzN-OQ
fp.sofi.com/	1970-01-21 10:12:46	Name: soc_visitor_id Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjp7InNlc3Npb25faWQiOiJiMTQyOTVjOC05MjY2LTQxZmUtOTliNy02YTllOGEzOWM0NjIifX0.RCZdIPVhz-tO-gnsz_AdZAmg0uRTaTVukNw2ktEKjbqp4dqH2Eg1N38yHhQqaKanNcRoO_Qh--i6Ckkm1NGQzg
.sofi.com/	1970-01-21 00:36:48	Name: __cf_bm Value: UoNthN84wH23bXSQzhbD49WlBwnLMunx94nEtK2s3Fs-1730206741-1.0.1.1-MO_BARWM384KoFr2vFS0l5mHs8padce8FaCiEoA80wi8j3C4kvtjGH.o60i9FRHrMYeseckchYF3l.uofJr7OQ
.sofi.com/	1969-12-31 23:59:59	Name: _cfuvid Value: .JdeEZuxJFgoNTOqJ6Dua0k21l9OiBJNCvl5Jb5RJUY-1730206741451-0.0.1.1-604800000

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://login-csx.pages.dev/ Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/datadog-rum-v4.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/ Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/tags.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/ Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/devicer.min.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/ Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/otSDKStub.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/ Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/api.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/ Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/otBannerSdk.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear.png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/es.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
rendering	warning	URL: https://login-csx.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C0C400A4120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(2).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(3).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/HP Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/check(1).js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/HP Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/ARF' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(4).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear3.png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(5).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(6).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear3(1).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear3(2).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear3(2).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/check.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/clear(8).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login-csx.pages.dev/Login%20-%20SoFi_files/ls_fp Message: Refused to execute script from 'https://login-csx.pages.dev/Login%20-%20SoFi_files/es(1).js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
rendering	warning	URL: https://login-csx.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E01002A4120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://login-csx.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F0C400A4120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://login-csx.pages.dev/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B01002A4120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ugj8dr8p2p65btwine3nfzsn4vynwlqmee2e2ume47229dbdeca8647am1.e.aa.online-metrix.net
cdn.cookielaw.org
challenges.cloudflare.com
d32ijn7u0aqfv4.cloudfront.net
d3331otr86r7j1.cloudfront.net
fontmetrics.net
fp.sofi.com
h.online-metrix.net
h64.online-metrix.net
js.dvnfo.com
login-csx.pages.dev
st10.sofi.com
104.18.38.31
104.18.94.41
104.18.95.41
18.66.122.106
188.114.96.3
192.225.158.1
2600:9000:2251:2e00:10:8d:3740:21
2606:4700::6812:562a
52.43.176.137
91.235.132.130
91.235.132.67
91.235.134.131
99.86.1.157
079fac1c9dfc450804055fe738429eeff1643ee0ebf96026cc1f599942ef2a4b
0ae398dbea814491b5f373fa25680e1a7cfdaa9f293e949d89495af91f1bf00d
0c26662aa165b09133ec1e69f03327822ffcdeecb2e8dc3e075c3b14c816c5b9
0f51bfea694d99efdac2e8223be8bfa713bee494c44605fec6a2e721f992dce5
16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef
1a764390bce88dc7824b60dd9a5e63810a2cdf1af4ebbd5df8626c2a6dcfda1b
281f77331b6fcd4f1db65eda99cee9c7478055127ca878edddc20c380c03df6c
2bc10458f3da34e07a6e8314a21f932b30ff26f77dfe79cb6c36eb07234c3da4
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611
36573d44d8e1d2e14e82744dfa76edde1c5175721a185bb4349829cefc0435f6
36d1d9381f6d7c139e0d5314c929f87437cd30b8cd12455e2404aadc57005391
4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a
430052c76cc922dff1176f4d5a3070526db475ae6a4c9d863c0bac35118d12a7
43e8b484d3d5c4b99cc89ce2b933186779acad8d8cc203b204fa76425617fc23
4c3bc1a97aea8af9e2192a12a5b1876ac8d912170cabd03681d1faf7bbd900a5
5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f
5e400ca375e8867f005e84c0d80362858465d14b5517eab70ee83e01250dcb1d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
734b5f8af2a3d77d664c4306cd97ba44f4f065966d57c34c094db079a51a7e57
7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c
8d2350225a4fee2f14cbba05ebdb555c906b10f29143c471c8addbdff40f8f2e
92cb567a8664f14bd017573f79ca0ad1414c318a97f66681524111b4bb517215
9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
ae2201480399508c818dda54ecbd092857fc348d9bca0f3cc2b7bc0dd269dbad
c3087446afe87c5da27035fd77db71f3d9911966b3cd33a452f80d731fbf8159
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
db6563f105e99321092356cd5f62721caeb4a58f7f857367bd838ad2ff99e749
e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b6e0d468f08e9da609e96947aee1d195201ee456407337b50200b07ec4a0d4
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
faf42b8c9fdc4af3c81d6f65a23307dbdd32de18248c9b8d4dddb3db6d5cab55
fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

login-csx.pages.dev Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

99 %HTTPS

15 %IPv6

8 Domains

12 Subdomains

14 IPs

3 Countries

1782 kBTransfer

2795 kBSize

5 Cookies

9 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login-csx.pages.dev Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

99 %
HTTPS

15 %
IPv6

8
Domains

12
Subdomains

14
IPs

3
Countries

1782 kB
Transfer

2795 kB
Size

5
Cookies

71 HTTP transactions
1 data transactions