login.sofibank.cc Open in urlscan Pro
2606:4700:3030::6815:5d5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.sofibank.cc/
Submission: On October 29 via automatic, source certstream-suspicious (October 29th 2024, 11:14:16 am UTC) — Scanned from DE

Summary HTTP 72 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 8 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3030::6815:5d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.sofibank.cc.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time login.sofibank.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SoFi (Financial)

Domain & IP information

	IP Address	AS Autonomous System
6 47	2606:4700:303... 2606:4700:3030::6815:5d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.213.54.85 54.213.54.85	16509 (AMAZON-02) (AMAZON-02)
17	91.235.132.67 91.235.132.67	30286 (THM) (THM)
1	18.66.122.87 18.66.122.87	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700::68... 2606:4700::6812:5e29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2251:c800:10:8d:3740:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.149.225 172.64.149.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	99.86.1.157 99.86.1.157	16509 (AMAZON-02) (AMAZON-02)
1	2620:f3:0:14:... 2620:f3:0:14:b401:8ee8:4321:ad82	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
72	13

47 2606:4700:3030::6815:5d5 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

login.sofibank.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.213.54.85 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-54-85.us-west-2.compute.amazonaws.com

fontmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 91.235.132.67 (United States)

ASN30286 (THM, US)

st10.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-87.fra60.r.cloudfront.net

js.dvnfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:5e29 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:c800:10:8d:3740:21 (United States)

ASN16509 (AMAZON-02, US)

d3331otr86r7j1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.225 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

fp.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-157.fra6.r.cloudfront.net

d32ijn7u0aqfv4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:f3:0:14:b401:8ee8:4321:ad82 (United States)

ASN30286 (THM, US)

h64.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

5ugj8dr8qqofnrcvzrv63gp6jbdczcyeswza3nqec875dc27bc52cfe3am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	sofibank.cc 6 redirects login.sofibank.cc	2 MB
19	sofi.com st10.sofi.com — Cisco Umbrella Rank: 113526 fp.sofi.com — Cisco Umbrella Rank: 148322	85 KB
4	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3168 h64.online-metrix.net — Cisco Umbrella Rank: 2424 5ugj8dr8qqofnrcvzrv63gp6jbdczcyeswza3nqec875dc27bc52cfe3am1.e.aa.online-metrix.net	1 KB
4	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 3443	16 KB
2	cloudfront.net d3331otr86r7j1.cloudfront.net d32ijn7u0aqfv4.cloudfront.net	35 KB
1	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	2 KB
1	dvnfo.com js.dvnfo.com — Cisco Umbrella Rank: 98616	42 KB
1	fontmetrics.net fontmetrics.net — Cisco Umbrella Rank: 309991	74 B
72	8

	Domain	Requested by
47	login.sofibank.cc	6 redirects login.sofibank.cc
17	st10.sofi.com	login.sofibank.cc st10.sofi.com
4	challenges.cloudflare.com	1 redirects login.sofibank.cc challenges.cloudflare.com
2	h.online-metrix.net	login.sofibank.cc st10.sofi.com
2	fp.sofi.com	js.dvnfo.com
1	5ugj8dr8qqofnrcvzrv63gp6jbdczcyeswza3nqec875dc27bc52cfe3am1.e.aa.online-metrix.net
1	h64.online-metrix.net	st10.sofi.com
1	d32ijn7u0aqfv4.cloudfront.net
1	cdn.cookielaw.org	login.sofibank.cc
1	d3331otr86r7j1.cloudfront.net	login.sofibank.cc
1	js.dvnfo.com	login.sofibank.cc
1	fontmetrics.net	login.sofibank.cc
72	12

This site contains links to these domains. Also see Links.

Domain
www.sofi.com
login.sofi.com
support.sofi.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
login.sofibank.cc WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
fontmetrics.net Amazon RSA 2048 M03	`2024-10-07` - `2025-11-05`	a year	crt.sh
st10.sofi.com Go Daddy Secure Certificate Authority - G2	`2024-03-26` - `2025-04-05`	a year	crt.sh
*.dvnfo.com Amazon RSA 2048 M03	`2024-04-22` - `2025-05-21`	a year	crt.sh
challenges.cloudflare.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.sofi.com Go Daddy Secure Certificate Authority - G2	`2023-11-28` - `2024-12-29`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://login.sofibank.cc/
Frame ID: 85ED5C3AE5F3FFAE2D458995BA255750
Requests: 24 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yqx2k/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/
Frame ID: 8C9AE78A17669FB76AC7B999AA7E049A
Requests: 1 HTTP requests in this frame

Frame: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource
Frame ID: CDC4692B9C9629784C0D33B1B292AF3F
Requests: 1 HTTP requests in this frame

Frame: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)
Frame ID: EAB6DA8F51F8D531DB8FA04E267FBD01
Requests: 17 HTTP requests in this frame

Frame: https://login.sofibank.cc/Login%20-%20SoFi_files/HP
Frame ID: F537ABB870FB276BBC8C415140103D71
Requests: 3 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/02h1c/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/
Frame ID: 89F2540A825BEDB3278C2044A600FE49
Requests: 1 HTTP requests in this frame

Frame: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp
Frame ID: E4F4114FC4A3642F9484BED82560CA9E
Requests: 5 HTTP requests in this frame

Frame: https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp
Frame ID: D6F06D58270673D2BF331C0A5C775F75
Requests: 3 HTTP requests in this frame

Frame: https://login.sofibank.cc/Login%20-%20SoFi_files/top_fp
Frame ID: D54C2D1646001BD59379631D7BCAE496
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/check.js;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&jb=3730262462736d7735446b667d70266a736d3544696c7770246a7362773f416a706d6d67246a736035436a706765672d3a38313330
Frame ID: 348284396DDD85C78C1777BBCD1A1C0C
Requests: 12 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/HP?session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&org_id=5ugj8dr8&nonce=c875dc27bc52cfe3&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 85984D568D08C2690433BD5DFAE16D12
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/ls_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3
Frame ID: EF0D2ACC312A3EDE60F18CDA48B66FEA
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3
Frame ID: 23585F44AEA64DB881B206BEDCF45FC1
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/top_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3
Frame ID: 573E27174FC54D91F796B2C0CA0F01D0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - SoFi

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

72
Requests

99 %
HTTPS

42 %
IPv6

8
Domains

12
Subdomains

13
IPs

1
Countries

1789 kB
Transfer

2795 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sofi.com/

Search URL Search Domain Scan URL

URL: https://login.sofi.com/u/login/password-reset-start/sofi-auth-db?state=hKFo2SBuNEpNMkFIVUxLdkx0YlJBOXRDSnVvNDVqZWpEV2hXN6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFNYbUZReS15ek1QVFM1WWdManFJWjNwSkc5a1hySUJUo2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://login.sofi.com/u/login?state=hKFo2SBuNEpNMkFIVUxLdkx0YlJBOXRDSnVvNDVqZWpEV2hXN6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFNYbUZReS15ek1QVFM1WWdManFJWjNwSkc5a1hySUJUo2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I
Title: New to SoFi? Sign up

Search URL Search Domain Scan URL

URL: https://support.sofi.com/hc/en-us/sections/360010482151-Troubleshooting
Title: Help

Search URL Search Domain Scan URL

URL: https://www.sofi.com/terms-of-use/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.sofi.com/privacy-policies/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.sofi.com/online-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=captchaCallback_716131 HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js

Request Chain 21

https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource.html HTTP 308
https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource

Request Chain 22

https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1).html HTTP 308
https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Request Chain 23

https://login.sofibank.cc/Login%20-%20SoFi_files/HP.html HTTP 308
https://login.sofibank.cc/Login%20-%20SoFi_files/HP

Request Chain 43

https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp.html HTTP 308
https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

Request Chain 44

https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp.html HTTP 308
https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp

Request Chain 45

https://login.sofibank.cc/Login%20-%20SoFi_files/top_fp.html HTTP 308
https://login.sofibank.cc/Login%20-%20SoFi_files/top_fp

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
login.sofibank.cc/ 169 KB
37 KB 158ms
88ms Document
text/html 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

281f77331b6fcd4f1db65eda99cee9c7478055127ca878edddc20c380c03df6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da2bd917f6ef124-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 11:14:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCSGzccb36ftuI1c4iaXPuNPDAQvPrUfCqRXoG7%2BxEjveDkv1dnLvSw6upchXt0LWkFSvNFaOwF%2BKlw%2BI05yEHDxXSRiuqiS%2F9yrg58HMEFS3OJSfQ7fYhGuqYjvKB2YtvdwXnksahK0sOwIXwtWgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=23330&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4000&recv_bytes=2384&delivery_rate=172281&cwnd=253&unsent_bytes=0&cid=7ad6ae940cc96753&ts=94&x=0"
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 main.cdn.min.css
login.sofibank.cc/Login%20-%20SoFi_files/ 278 KB
63 KB 121ms
120ms Stylesheet
text/css 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/main.cdn.min.css

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f51bfea694d99efdac2e8223be8bfa713bee494c44605fec6a2e721f992dce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"af2f387fe2152a736694efb594fc867f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4r9HM1SrreXJ0tfEu6TpopXHUXroMgG%2Fi2w1sCxIh0lb%2BYXr5BsOf5MOH%2FmtcuHufSmZt1Qd70nzriO5Ml6KmKwyU%2BtJg82k%2FhYc5daEODCChvRre8g3n939NjTfPbSdbgYRqf5dxyfe%2F5sMBGuOVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=24136&sent=116&recv=27&lost=0&retrans=0&sent_bytes=106651&recv_bytes=3108&delivery_rate=1939006&cwnd=253&unsent_bytes=31872&cid=7ad6ae940cc96753&ts=208&x=0"
date: Tue, 29 Oct 2024 11:14:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd92082af124-CDG
access-control-allow-origin: *
server: cloudflare

GET
H2 200 datadog-rum-v4.js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ 150 KB
150 KB 119ms
118ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/datadog-rum-v4.js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "a1a2da28fed42a6f82f2f8b5761dd889"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUPW9I%2BG%2FVN9nysxHjPvA0h0Ps%2BYSJAYbsANLe3TdqeflYukrm0o2gG8PkOQYWPfsUXc5mscbIX%2BXxtVzswFUQuvuXjIYyNnCC%2F0NdjfIBcxlSaHhHvPNRsNHwH%2FFD%2B6yG%2Fly4E0nF39SNZEGrYQJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd92182cf124-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 153156
server-timing: cfL4;desc="?proto=TCP&rtt=24136&sent=116&recv=27&lost=0&retrans=0&sent_bytes=106651&recv_bytes=3108&delivery_rate=1939006&cwnd=253&unsent_bytes=31872&cid=7ad6ae940cc96753&ts=196&x=0"
date: Tue, 29 Oct 2024 11:14:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 tags.js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ 95 KB
96 KB 93ms
92ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/tags.js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43e8b484d3d5c4b99cc89ce2b933186779acad8d8cc203b204fa76425617fc23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "d73d8ad40b4641d1bf250d1064c84d04"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JheBuUAyGAPIwELr95gBcqOvGYzarbHF2KL1lllIMkPvvjHAFp7An1JuVvypoIkmK3Xj5GPKCzyUUzr3C93wrjyvsBt%2BzypJaVOobuvF6oM4DiMqGgTTWPnn8MspvMPr7lY%2BPsFJQquENslexy5fOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd92182ef124-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 97641
server-timing: cfL4;desc="?proto=TCP&rtt=24136&sent=64&recv=27&lost=0&retrans=0&sent_bytes=42523&recv_bytes=3108&delivery_rate=1939006&cwnd=253&unsent_bytes=0&cid=7ad6ae940cc96753&ts=194&x=0"
date: Tue, 29 Oct 2024 11:14:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 devicer.min.js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ 41 KB
42 KB 119ms
119ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/devicer.min.js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "e488bbea3a9a385b6fb4069930804619"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPuXvuNfg%2FTGMx5dX4zzrGkzE7ZeIFgJ%2F1b1WAQ0BCuxo%2BdT7jj2M1kIGCLhsV7jLajor7zkfpodM22LRztbP9eNhyL03NNk0Qtu2lbT%2BbNM9XxujSe6%2FTGyB%2FuUHlyfHR2Y8ca5e9RpAHeT%2BjMNng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd921830f124-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 42146
server-timing: cfL4;desc="?proto=TCP&rtt=24136&sent=116&recv=27&lost=0&retrans=0&sent_bytes=106651&recv_bytes=3108&delivery_rate=1939006&cwnd=253&unsent_bytes=31872&cid=7ad6ae940cc96753&ts=199&x=0"
date: Tue, 29 Oct 2024 11:14:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 otSDKStub.js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ 22 KB
22 KB 115ms
114ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/otSDKStub.js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "5e0a37e502e437d3784bbb6dd71cee38"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSxYYgGsJJosVN157E9dR4xx1DczLwZIMYlI1phnu6AnNUDPs%2Bwr3KS6GFUW2yN8xthce%2FQx17RDzlT8v6cwlzIxA5CV6ny610vwOQDn%2BW%2F1u6R8DS%2FoxQRyBTLR900YB3%2FDokHGmGAEiwXI4CQ%2FEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd921838f124-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 22463
server-timing: cfL4;desc="?proto=TCP&rtt=24136&sent=116&recv=27&lost=0&retrans=0&sent_bytes=106651&recv_bytes=3108&delivery_rate=1939006&cwnd=253&unsent_bytes=31872&cid=7ad6ae940cc96753&ts=205&x=0"
date: Tue, 29 Oct 2024 11:14:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 otBannerSdk.js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ 381 KB
382 KB 119ms
117ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/otBannerSdk.js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "2dae13afed9b5a040d2f8c549a070379"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkhajjVkf7U7L1WWaxw7DmpQ1bDovk4mSOCDqF9KaqcCEW1o1WEeiPgwqLAyWp%2FQ6dlsrYt%2FnFjKpLryeu9Q1n9cojZz1xGIh6wD704k7Wp%2FL%2BDoLffmOk8UoKfY%2FHMyr7%2FmYtaWBsgztKIZTEqlqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd934afd22b5-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 390260
server-timing: cfL4;desc="?proto=QUIC&rtt=23561&sent=62&recv=30&lost=0&retrans=0&sent_bytes=57074&recv_bytes=8311&delivery_rate=633527&cwnd=31200&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=285&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sofi_logo_white_416x116.png
login.sofibank.cc/Login%20-%20SoFi_files/ 10 KB
10 KB 143ms
142ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/sofi_logo_white_416x116.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cf-cache-status: MISS
etag: "cf50457f39fa22db7423b45f7bd67e7f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBfqWzxHrdWXpaSwoNztD06Lzv2NL7lVIBDTPSG00gh3eq92TU2MB67P%2FQc4XC0mXtlQklMPAnl5xqSoFrZX5I%2Fu5d%2BfNIFqHz45%2Bqmtl1zXEY5BwHX47KdwM%2BH%2FizPxrIqDF35dz%2B7T%2BW7bm0JbZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23041&sent=187&recv=33&lost=0&retrans=0&sent_bytes=198130&recv_bytes=3108&delivery_rate=2902918&cwnd=253&unsent_bytes=45152&cid=7ad6ae940cc96753&ts=218&x=0"
date: Tue, 29 Oct 2024 11:14:10 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd922854f124-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9807
server: cloudflare

GET
H2 200 7331d0a5289a23fb1966.png
login.sofibank.cc/Login%20-%20SoFi_files/ 22 KB
23 KB 144ms
143ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/7331d0a5289a23fb1966.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cf-cache-status: MISS
etag: "1f550f47a56078534e65f09cb0e39623"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P2a%2FwFUI%2F3owb%2FJvRhx6CSIt5jn9fWM8YtKqEqsS3falEThfuAFe5oHSRGOsYfnNFzSl1D%2ByOkqNxjqxMIUkshkupMtPNNYZY9xLAMaW7R6SjVbj2C26%2FyTChpSEtp9cVDQ7FYm8dlO0IaRAOaNfcA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23041&sent=187&recv=33&lost=0&retrans=0&sent_bytes=198130&recv_bytes=3108&delivery_rate=2902918&cwnd=253&unsent_bytes=45152&cid=7ad6ae940cc96753&ts=219&x=0"
date: Tue, 29 Oct 2024 11:14:10 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd922856f124-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22918
server: cloudflare

GET
H3 200 a26e7094b0235d2942ad.png
login.sofibank.cc/Login%20-%20SoFi_files/ 25 KB
26 KB 95ms
95ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/a26e7094b0235d2942ad.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cf-cache-status: MISS
etag: "8a2d3b01d16331376d2c9f72cd8329b0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOQSHre1t93JHDmQvP0VjQmIoGM4TA61SkiLY%2BkylA%2BQzSZDmriN7vdI64lu4%2BOxsu2MdOPLGBuAFE%2F4DEyCI3xTQvkWwg1L%2BrTCRSYL9ObH3C6bAXF%2Bkp%2FBHa3IyicWSdhBRgOTWh56YuKJFRXjGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24331&sent=14&recv=16&lost=0&retrans=0&sent_bytes=4297&recv_bytes=6517&delivery_rate=582&cwnd=12000&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=237&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd931ab422b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26088
server: cloudflare

GET
H3 200 0x0.png
login.sofibank.cc/Login%20-%20SoFi_files/ 19 KB
20 KB 121ms
120ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/0x0.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734b5f8af2a3d77d664c4306cd97ba44f4f065966d57c34c094db079a51a7e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cf-cache-status: MISS
etag: "a6b1090d1f76b80f663164bde78ab78b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6RGCX4%2FwhVBsQiAK6zfcztM%2BwlTY5SLLcsYIhTqz1HjXxZDop9DFR0SpBMn06NZZD9SKYg7MNc8lemUHDeB7nEE4JtJI%2BA63KU0Va0qVLZiUQGYe%2FDfmaX5zIILaDpTKjLdVFVaomokOmzIZK1icg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24331&sent=24&recv=16&lost=0&retrans=0&sent_bytes=16297&recv_bytes=6517&delivery_rate=582&cwnd=12000&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=243&x=1", cfHdrFlush;dur=18
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd932ac622b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19313
server: cloudflare

GET
H3 200 clear
login.sofibank.cc/Login%20-%20SoFi_files/ 68 B
743 B 107ms
105ms Image
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3087446afe87c5da27035fd77db71f3d9911966b3cd33a452f80d731fbf8159

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "8f82f00b9c2c7991a901ca7dc1041e36"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dep4UN86rqJMElNgnqIVHZBY7mPDSlv3im3b7yLUCkpb4B2fWGnAVyT0Y0mwmaaNADIafCi89cf%2BejnsOgWW78aNlhjfPkTKKXDcPjU%2FvqwoucZH6mJcHT5ZNC9vrr8hvA8BIpWIiRcC9fnIhj4f9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd934afb22b5-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 68
server-timing: cfL4;desc="?proto=QUIC&rtt=24157&sent=46&recv=24&lost=0&retrans=0&sent_bytes=40321&recv_bytes=8053&delivery_rate=129155&cwnd=24000&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=271&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 api.js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ 46 KB
47 KB 210ms
208ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/api.js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "b4cf1d32cd73d354028425408132868d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uptFQGxXtztNeHN6O8bdIDhA8htV8uK%2F4hirjjU3nzyJLBaupMo9INHTVH%2FieI7qO5X%2F2xPNoZkcLMWlf7x63xuClxAm815CKOTrTocwy5w6LJNR0Tc8O%2BYRvJZPJW79A8mbQamDEYCTC%2Bdg%2F6fUSg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd934afe22b5-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 47460
server-timing: cfL4;desc="?proto=QUIC&rtt=23561&sent=67&recv=30&lost=0&retrans=0&sent_bytes=61921&recv_bytes=8311&delivery_rate=633527&cwnd=31200&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=290&x=1", cfHdrFlush;dur=2
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Sofi_83x40@2x.png
login.sofibank.cc/Login%20-%20SoFi_files/ 3 KB
4 KB 231ms
229ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/Sofi_83x40@2x.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cf-cache-status: MISS
etag: "d7a27abdbe1a050e46ceafbb4c233810"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Flf7D5lgeNaEJCNDUgiplBBeFGi%2F03fkblykrqGlexJI5TonwZgaUXevpig2kM1MqSE%2Bvk6psr%2FQUyyseqES%2B8DM12XpEl1kZDsJ7SIM56vKWddcERkh1AuIlSN890cvwa%2Fn3Ya4s9ULYsiuHCNVtA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22733&sent=151&recv=53&lost=0&retrans=0&sent_bytes=158913&recv_bytes=9716&delivery_rate=1185247&cwnd=79200&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=320&x=1", cfHdrFlush;dur=19
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd934aff22b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3234
server: cloudflare

GET
H3 200 powered_by_logo.svg
login.sofibank.cc/Login%20-%20SoFi_files/ 5 KB
3 KB 108ms
106ms Image
image/svg+xml 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/powered_by_logo.svg

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"abfcc415dc9b4da4aa49439bb8bf3e0c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZCbx%2FzxBGjJ3MB1C%2BOElCvJT%2FFx4hC87sKMoY2bZn5ymkBSEFUj9%2F5hlVwCQvwjqe0aWUNbUYNMSYU9XWyYRR%2BenX1SHof0X3iFU1D6gVqRb65gVbKgOeZJNNluXZJwz%2BnwOIi3UrCsDbQSD17DVZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24157&sent=46&recv=24&lost=0&retrans=0&sent_bytes=40321&recv_bytes=8053&delivery_rate=129155&cwnd=24000&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=278&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd934b0222b5-CDG
access-control-allow-origin: *
server: cloudflare

GET
H2 200 sofi.com.png
fontmetrics.net/ 0
74 B 942ms
263ms Image
image/png 54.213.54.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fontmetrics.net/sofi.com.png?u=https%3A//login.sofibank.cc/&r=&ra=0.3198706733481571
Requested by: Host: login.sofibank.cc
URL: https://login.sofibank.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.213.54.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-54-85.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

apigw-requestid: AaN8qhM8vHcEMGQ=
content-length: 0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png

GET
H/1.1 200
OK tags.js Show response
st10.sofi.com/fp/ 95 KB
13 KB 254ms
82ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&page_id=1&allow_reprofile=1

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

45cdeb55dbb51244e8ad1f45d3dc665f8c869ed22c38bf98e99169147d385b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 11:14:11 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H2 200 devicer.min.js Show response
js.dvnfo.com/ 41 KB
42 KB 252ms
21ms Script
application/javascript 18.66.122.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.dvnfo.com/devicer.min.js
Requested by: Host: login.sofibank.cc
URL: https://login.sofibank.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-87.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

etag: "a9b687ac5b02886eefbb098c4495522b"
age: 34687
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 42146
x-amz-cf-id: RktpX22FfKALA3HsAusqV7vyXXx9jmgTSOXOneJdSCSDYtHMd0TZEw==
date: Tue, 29 Oct 2024 01:36:05 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 10:54:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yqx2k/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/ Frame 8C9A 0
0 35ms
20ms Document
text/html 2606:4700::6812:5e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/yqx2k/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8da2bd9368f2d3a4-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 11:14:11 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.sofibank.cc
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 TTNorms-medium.woff2
d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/ 19 KB
20 KB 756ms
640ms Font
binary/octet-stream 2600:9000:2251:c800:10:8d:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/TTNorms-medium.woff2
Requested by: Host: login.sofibank.cc
URL: https://login.sofibank.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:c800:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.sofibank.cc
Referer: https://login.sofibank.cc/

Response headers

access-control-max-age: 3000
etag: "3e26a26dab9abc3132782dba39642cab"
x-amz-version-id: H8qK4Wn88KLhqmfvNLbeFL_jAcQWtfY.
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-cache: Miss from cloudfront
x-amz-cf-id: dX3iNhqfmANeHirmdhzOlgVGoHnl1wOdUBU2_z1Q7JWHhBuyLY5nHw==
date: Tue, 29 Oct 2024 11:14:12 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Tue, 15 Oct 2024 22:41:46 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=86400
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19760
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=captchaCallback_716131
https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js

46 KB
16 KB

24ms
24ms

Script
application/javascript

2606:4700::6812:5e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js
Requested by: Host: login.sofibank.cc
URL: https://login.sofibank.cc/
Protocol: H3
Server: 2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8da2bd93cda5bb4a-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 18 Oct 2024 17:38:58 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location: /turnstile/v0/g/f2bbd6738e15/api.js
cross-origin-resource-policy: cross-origin
cf-ray: 8da2bd938d6bbb4a-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

saved_resource Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame CDC4
Redirect Chain

https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource.html
https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource

149 B
751 B

97ms
96ms

Document
text/html

2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da2bd940be622b5-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 11:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9k%2BsMs2br%2FoX55BliRop13u6kR0oTz%2FqhKlFnN4SJWZy62hi4aH9ZzgCzCqij1hPwakIhNPmWIHqlGOGdwd1%2FV8fUhGP4DDqGow9U7xYfc4DwS9%2BI1ZWzS9uZhFO1IY3FqlIAMDLW0FvKz7lPJ1ZIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24923&sent=448&recv=82&lost=0&retrans=0&sent_bytes=508137&recv_bytes=11417&delivery_rate=4344987&cwnd=231600&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=377&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da2bd93ab6b22b5-CDG
content-length: 0
date: Tue, 29 Oct 2024 11:14:11 GMT
location: /Login - SoFi_files/saved_resource
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tampyCJ7jSfNZ3EQcf2vn9aQ0vKdLEZ3rQNttD5PXdv3rasjU%2B%2BCmukc%2BqbZ3YTGbajPUVhLs4MQjTTSpTRp%2BfBqrFNVFZHpNkSQHnh%2F7sFM9SxM%2F9ArIDK%2FT5BsS6hAeR4mC5hXzNdBkfr5h5J5eA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=23561&sent=61&recv=30&lost=0&retrans=0&sent_bytes=56398&recv_bytes=8311&delivery_rate=633527&cwnd=31200&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=285&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3

200

saved_resource(1) Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6
Redirect Chain

https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1).html
https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

2 KB
1 KB

100ms
96ms

Document
text/html

2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c26662aa165b09133ec1e69f03327822ffcdeecb2e8dc3e075c3b14c816c5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da2bd940be222b5-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 11:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ef3FI4RNVtjBhO95ZhCRE5hhUcUXZ1lJpuez4qVq6k21%2FksxU4NLJZ2kP8gPQqOYMOpLkM6K65COpn%2BO%2BYwpzW3IUlH7wXex4R0jXu%2FPMAy%2F8BZ%2FOVQ0FofbCNaK5jIciQ0BvDMFiY83Uwr%2BGnfSRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24923&sent=448&recv=82&lost=0&retrans=0&sent_bytes=508137&recv_bytes=11417&delivery_rate=4344987&cwnd=231600&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=374&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da2bd93ab7022b5-CDG
content-length: 0
date: Tue, 29 Oct 2024 11:14:11 GMT
location: /Login - SoFi_files/saved_resource(1)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3beTndITfWedkj9MeE9cKmPqOeSryKuPT4HiRJGWcd%2BG6vYLZSN3bL4aswA13ammKCmQIByT9tlsKWRytjaqXZscoJkU93zick55CLNKEN6%2B8RpBvs8W%2FfCbDE9phFTNhirAcuqqAsOnK8PIwMA7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24157&sent=46&recv=24&lost=0&retrans=0&sent_bytes=40321&recv_bytes=8053&delivery_rate=129155&cwnd=24000&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=281&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3

200

HP Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame F537
Redirect Chain

https://login.sofibank.cc/Login%20-%20SoFi_files/HP.html
https://login.sofibank.cc/Login%20-%20SoFi_files/HP

22 KB
8 KB

81ms
80ms

Document
text/html

2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/HP

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2201480399508c818dda54ecbd092857fc348d9bca0f3cc2b7bc0dd269dbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da2bd94cc8722b5-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 11:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCqFdfBTJn93XIXFHLxPafQzXpSep7g9pzpwAQnnEvTWO7n1n1yOle39uODqQJ6fxM2l7LIvGvK12J0Zwp%2BLKM5EwJPrrwJ8XpyAMtODRwVZBJlbQAmhrswi5WMMmeG733g2iQugvGgnJjcIaVHxvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=27993&sent=465&recv=112&lost=7&retrans=7&sent_bytes=520837&recv_bytes=14465&delivery_rate=594344&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=491&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da2bd93ab7122b5-CDG
content-length: 0
date: Tue, 29 Oct 2024 11:14:11 GMT
location: /Login - SoFi_files/HP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPApgGU5osMGpS4Ii22QdODMfOGu%2BP3S49Y4BdvvsE97khBY7VGJ%2BJ4BNSAyUff7WWnQe9870Km3DoIcU70V3Zip75Sya06%2FSafm8F0RiLZLzPXJ5y4CemOD7Fi%2Br%2BWLVRh4biHKvjYmmEt3XD4saQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=23561&sent=67&recv=30&lost=0&retrans=0&sent_bytes=61921&recv_bytes=8311&delivery_rate=633527&cwnd=31200&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=287&x=1" cfHdrFlush;dur=5
vary: Accept-Encoding

GET
H2 200 SoFi_Multi_icon_50x50_Ver5@2x.png
cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/62a05241-4d4e-4324-8fac-d84d73d9f38b/d89abae6-ffd1-430c-9799-990bf0faddbe/ 2 KB
2 KB 158ms
26ms Image
image/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/62a05241-4d4e-4324-8fac-d84d73d9f38b/d89abae6-ffd1-430c-9799-990bf0faddbe/SoFi_Multi_icon_50x50_Ver5@2x.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

content-md5: l+87OFbbL6ySRiFyfS2kBg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DB774CC29B3E51
age: 68537
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
last-modified: Tue, 27 Jun 2023 20:26:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8eb82d08-201e-005a-7d7d-225f64000000
cf-ray: 8da2bd9458275c80-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1648
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/02h1c/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/ Frame 89F2 0
0 17ms
16ms Document
text/html 2606:4700::6812:5e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/02h1c/0x4AAAAAAAQFNSW6xordsuIq/light/fbE/normal/en/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&onload=captchaCallback_716131

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8da2bd945b88d3a4-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 11:14:11 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 clear.png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
677 B 104ms
102ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjQg8X4Q9xfYWd69GLx0tmf0%2BX625R4M7ZqKQ6RQbMFw8svrxqDPZsRwK4mtsYKskzVNf%2BAo6roZEvowE4AKNxB9wRvn9hitEuRzVwlLWwPf0zmKL%2BB4mcT7NaaxdehbdGyyxY0ZaNL1e%2FUVuH8pOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27134&sent=474&recv=113&lost=7&retrans=7&sent_bytes=530712&recv_bytes=14510&delivery_rate=91959&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=551&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd94fcbb22b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 es.js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 134 B
820 B 77ms
72ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/es.js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

079fac1c9dfc450804055fe738429eeff1643ee0ebf96026cc1f599942ef2a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "efe9e6b4d30ef9252925a06af7d0c8a2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6sBsBe2OqFrj5gGi6%2BdIrTuvrnwPxxAhRJ%2FzROzkihAwyuYDVanj%2B5HIfTMqvvOWXMxRyi2yZvwWq3wb1Iaf3HCYDXBw%2BI%2FvomP9fXaVi9aTbPieSEJB7qyLsrZQMZnDc3eZIjLhQOlOEQyLPAyErw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd950cc422b5-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 134
server-timing: cfL4;desc="?proto=QUIC&rtt=27134&sent=472&recv=113&lost=7&retrans=7&sent_bytes=529073&recv_bytes=14510&delivery_rate=91959&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=527&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(1).png
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 81 B
773 B 94ms
89ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear(1).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "b87004ef08cffb1fb9c44ce4fd1c0212"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rTsDvrxyPUFIm5%2FieHXi77z%2BNByqBq3MQSMyMrwr8IW8PPd%2BBTuAtVsEjwk6IryXtvUd1vGHbsmSLnaSJXGkk%2Fxn1sw%2BnIrSBhh%2B6CeP0PQEsJ9atWcnj2SLhUeav%2F2gUdJs9ZMhlopYY%2BLZQO8jA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27134&sent=473&recv=113&lost=7&retrans=7&sent_bytes=529916&recv_bytes=14510&delivery_rate=91959&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=543&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd950cc522b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81
server: cloudflare

GET
H3 200 clear(2).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
679 B 145ms
140ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear(2).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUleUyP%2FceEYMQXSUbYN1z3WenhJBSQqLyw7mrRt%2BvD36CCg0O%2BNXowLHROLtoG0h%2FXBlFSFxWaEXPIwnFNQ4yxs8E0CzwSFJwMROiYYvFcvOsyDoR0MgMav5AAHuL9K5RWg6yAlBptwsYfaMw20Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26209&sent=477&recv=119&lost=7&retrans=7&sent_bytes=531461&recv_bytes=15828&delivery_rate=88263&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=595&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd950cc822b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear(3).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
677 B 59ms
58ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear(3).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCQfDjmFiqzqLB4imH%2Bl%2Bb2GtTtisuSM5SdsPE2L8TKmNv9hfevcuYgIaPsZTYtuXmDIDqCjor5BTzNNVFuPEkDHYIrSpRpBnW5L8Np3rc83PTt1dhyOP64EFyc1%2BJMjZ8xAQIXjndvKqC5XNboA3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26209&sent=479&recv=128&lost=7&retrans=7&sent_bytes=532188&recv_bytes=19562&delivery_rate=88263&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=615&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ad6d22b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear(4).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
679 B 83ms
82ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear(4).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSB5cJTxmhAABiwpAOXMDgsykOG1KYLVnoKH02W1LiZTVco3iY3pley%2FJ2h1ObNK2ZeA4zSHsGkKDE5WyJ0GY1%2BunU%2BJ%2FQ%2FsRFpGWCCssHMj0arhmyEZCIgJjNTCxqrGzdnPzIUwd0i3rZhw6JPC9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=656&x=1", cfHdrFlush;dur=10
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95dda822b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear3.png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
681 B 89ms
88ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear3.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhC4CNkbEr5WkWCEsGe1yeyTOwG%2FbE7v5TNO0TfGlOqVAUTvQULoFYhMpz9FkRCod%2FZEv2wXO%2Fx6oFlzTD1QYxjKfzMz5jWgrEfC5hOJeG3ruuGr%2FNToemvdFm76%2FHqpYBGxiUjXWAblj9C90EBNRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=663&x=1", cfHdrFlush;dur=3
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddac22b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear(5).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
671 B 89ms
88ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear(5).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ttSaWUGtVKaEAPyxolvWN3ruhysh%2FwLqezg2PSFsFmzq8gYnVpWXVYad1ok03qb6o2K2hZWynaHcPcckGJ51mY740KLqv9tHBz1saczN9i3Ejc657UHG9fqJSh64VDlcSaZj8vgbO0GtjYfEtf5nFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=658&x=1", cfHdrFlush;dur=8
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddae22b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear1(1).png
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
684 B 91ms
89ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear1(1).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvMlF6BrK67fGrN%2FV19G%2B%2BJG8gYK%2BpH%2FrjNjlGbC4KOfps%2FCfv6uSurYxmEb%2BsFfebpdw0RDdAIeQo1rcPLJ8XJ%2B8R7Ufxnnr0gTBqzmb2my5zsmuKlnpKB%2BBU18HuJ4cHVjl427yvNAWwSRL7jcWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=659&x=1", cfHdrFlush;dur=7
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddb022b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear(6).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
678 B 84ms
82ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear(6).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcnvsG%2Fg2tXAc1jOHoRA1kDAdrz8ZjGlnwBbFQhrZgErk6zc%2BfrGf4e73CgUSkQTprb2g0w%2BXj5J7%2BeIQlD2MojhREZhA%2B8PLaJrls7PRhOHIZzzbXrVa3RxoaW10ezaDGRyh5ZaQdmRyaTD388DaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=647&x=1", cfHdrFlush;dur=19
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddb322b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear3(1).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
680 B 85ms
83ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear3(1).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZUYg%2F86ze6TotKrclDjcElzSDb9kw%2FKKmGK2LOuxjVwJXCRyDqWh0g%2BX7gije1a9rwCr3rF1xDLxZjB0GVI1%2FRo%2Be9MFy7uFFEUZFuSSIDoeqtZU5ZyRXK00so4KhKerotjWJa6G7FLESg4gnjjSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=652&x=1", cfHdrFlush;dur=14
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddb422b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear3(2).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
676 B 86ms
83ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear3(2).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hfmjGJ1ZYY5h46A4iRCIco1qnZCo1b8Mxy%2FRmTGTsk2Ob4Dq4UivjVWgAyk1ItfLIXr0dFNGYHy1CPtN3MSFYoGnj%2Bz1S9ShH04RtPyvrRFRTwWIG7HUzd4RXiHvN%2BFPQcTzdILi0x6e6c7tQ7QB4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=652&x=1", cfHdrFlush;dur=14
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddb622b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 clear(7).png
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 81 B
771 B 86ms
84ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear(7).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "b87004ef08cffb1fb9c44ce4fd1c0212"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ohIQwiquMS0domuNvV0e69Yhn65ydD%2Fz4cXgQLWt9Fm8%2BZ57C0ZsIQPwuENYn6gEss%2BCDkrcgBfiKe%2F00MBoU1ol7yyE2%2B%2Fe%2BN6fLdEt%2FSM3pS5QBElYg8gPOyWpLApB0wC5lR1tRVIkb7YWiU6wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=651&x=1", cfHdrFlush;dur=15
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddb722b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81
server: cloudflare

GET
H3 200 check.js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 397 KB
398 KB 94ms
91ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/check.js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

430052c76cc922dff1176f4d5a3070526db475ae6a4c9d863c0bac35118d12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "a3ee081ca1ab1901efba8335e12383d9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QvCL438brldxuJC0mt7KN2YhCm1ZFwfebB8RgCl9K%2FtPZUVt9LF5Gv8eYQAzMeIOCMa16Sp5kFjxwg%2F08MptiC2Sia%2FsbpUQ5WMIj3HRkD8yjDJLMuJ9IGVNKDWAvZ0%2B%2BXq%2FLn689t1HvB7i48OpkA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddb822b5-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 406469
server-timing: cfL4;desc="?proto=QUIC&rtt=23090&sent=679&recv=144&lost=7&retrans=7&sent_bytes=765678&recv_bytes=20277&delivery_rate=8090121&cwnd=172920&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=672&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 check(1).js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame F537 215 KB
216 KB 79ms
79ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/check(1).js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/HP

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92cb567a8664f14bd017573f79ca0ad1414c318a97f66681524111b4bb517215

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/HP

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "d24aa9c1d62301642395e2f0c47c6ff5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Y61uoYz7Dyiaa7%2F2Egso2txHFaYVpTtgIJM3Xioop1oI90GpYEw5zbO2MXRHFlOUl2HQYNP%2BhTTABcwQm%2FIO4Tv3ra%2Byl0YlXnG%2Bx4ECBAXX4AvRItX11UlG0vUcCB6puwA%2F7YmrEOqAkThOC8pmA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95bd7d22b5-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 220506
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=480&recv=130&lost=7&retrans=7&sent_bytes=532889&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=645&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ARF Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame F537 35 B
717 B 103ms
102ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/ARF

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/HP

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc10458f3da34e07a6e8314a21f932b30ff26f77dfe79cb6c36eb07234c3da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/HP

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "c914b6acef41fb6cbc52a065c5c5bbf0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0pa9PDtdVZYHZLdTa4Z30YvjyZvlLYOxMLFfgci18r%2BEqXlioThwjZMAYgFDTrW4PMJxezCIjMWxOzRVT7SbGtOyLp0moVmuYJZZhmpSxONm8bgEOc5M9Zj1C%2B0R9TDxaYOEaJ29K0v%2FLk3ivyYiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95bd7f22b5-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 35
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=649&x=1", cfHdrFlush;dur=17
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear3(2).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame EAB6 0
0 0ms
0ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear3(2).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hfmjGJ1ZYY5h46A4iRCIco1qnZCo1b8Mxy%2FRmTGTsk2Ob4Dq4UivjVWgAyk1ItfLIXr0dFNGYHy1CPtN3MSFYoGnj%2Bz1S9ShH04RtPyvrRFRTwWIG7HUzd4RXiHvN%2BFPQcTzdILi0x6e6c7tQ7QB4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25634&sent=623&recv=130&lost=7&retrans=7&sent_bytes=703409&recv_bytes=19652&delivery_rate=32875&cwnd=170520&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=652&x=1", cfHdrFlush;dur=14
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd95ddb622b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3

200

ls_fp Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame E4F4
Redirect Chain

https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp.html
https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

99 KB
16 KB

83ms
82ms

Document
text/html

2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf42b8c9fdc4af3c81d6f65a23307dbdd32de18248c9b8d4dddb3db6d5cab55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da2bd977f3d22b5-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 11:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YISMPHWGHDBD74dH88gg%2BA7SAYpDgekEMZMrPnx4U2CMfqvExXZ6pmrPja1bOfQXKPcJWvM7pe8mNWzubWnTVCYSTBOTj%2F2f7waKmoaaKktGFatIZGEJXcVSBV3cfMGimotizHbPJJsIkgsmfx2%2FbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22398&sent=1041&recv=196&lost=7&retrans=7&sent_bytes=1184616&recv_bytes=25443&delivery_rate=831&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=928&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da2bd972ef422b5-CDG
content-length: 0
date: Tue, 29 Oct 2024 11:14:11 GMT
location: /Login - SoFi_files/ls_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QX3cK7U%2BAUeJB8WLIiMSFEAds6BKNIuV9SN3uZtiVxuSM%2BjM7qkZ1k22t50aFnBKIAqXsij9E%2FTubik%2FVfJCt6aW2i%2BfwGO4hY3jzrefFXPtKJokvKo3uIoIQ9P8pLOVUBHy72Wwd9C6ekrVCuiYLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=21886&sent=1035&recv=191&lost=7&retrans=7&sent_bytes=1182517&recv_bytes=23813&delivery_rate=7974256&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=837&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3

200

sid_fp Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame D6F0
Redirect Chain

https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp.html
https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp

110 KB
17 KB

85ms
85ms

Document
text/html

2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d2350225a4fee2f14cbba05ebdb555c906b10f29143c471c8addbdff40f8f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da2bd978f3f22b5-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 11:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0IiFVm%2BWCLf49DyQzvt69%2BkVbaxJoSAHXJr%2B%2BLtBaL6pUNEM2culQptzNC0IbJYhV4%2Bbj9Uwr54wXbtGhrJ3mAUzwYKdvFZXMury9IME1JhElJJ%2B6QFaywnqMbWJkR43owCOjHaxRToMIVi8PBR2Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22398&sent=1074&recv=196&lost=7&retrans=7&sent_bytes=1216949&recv_bytes=25443&delivery_rate=831&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=936&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da2bd974f0422b5-CDG
content-length: 0
date: Tue, 29 Oct 2024 11:14:11 GMT
location: /Login - SoFi_files/sid_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ID1%2FPMxCZgLu5i86khLeUXZaAHfX7XWkJPSkqd9FgY3WrYKwFnyE0eoT85igvNGTbC3wHqZdws%2F8yOk%2FmLMTbF3qlzsIfc%2F9%2B0tatCAEZJe7%2BRTrWBfilCgVCSXksoDQEwjbmKpw7lsNaWGH6YLXCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=21886&sent=1036&recv=191&lost=7&retrans=7&sent_bytes=1183189&recv_bytes=23813&delivery_rate=7974256&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=848&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3

200

top_fp Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame D54C
Redirect Chain

https://login.sofibank.cc/Login%20-%20SoFi_files/top_fp.html
https://login.sofibank.cc/Login%20-%20SoFi_files/top_fp

97 KB
15 KB

74ms
73ms

Document
text/html

2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/top_fp

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e400ca375e8867f005e84c0d80362858465d14b5517eab70ee83e01250dcb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da2bd978f5222b5-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 11:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nukp4MVKFI3OR3KPf%2Bq1HckewwVQfkCcU1qyfas2%2B2ZKJ4m3kh5d%2B7q3vm5Wp6ms%2FUnkGmBP3HBkSxuGuEqTuupjwwlfDs5x7O%2B%2BW3LC7aAWfir71KlqtJ7s48YZ4I8vCkcMKzvi2kqSmNc4ig7CmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22398&sent=1053&recv=196&lost=7&retrans=7&sent_bytes=1197018&recv_bytes=25443&delivery_rate=831&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=929&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da2bd974f0622b5-CDG
content-length: 0
date: Tue, 29 Oct 2024 11:14:11 GMT
location: /Login - SoFi_files/top_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8V0JodY3W5oXSQyO9EhQoNuCu6wNKb2l4caXvrpRr%2FBW5lprqn%2F2uN7DIdK%2Fgp7wUBa%2FQ4Akx1XlaNiYP4ledhs%2Fi887h9I5lLJqv%2BWnocBsVh63coJs6y50LHviLmIVIjpZsREAtiAIRWOY%2F3Y0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=21886&sent=1037&recv=191&lost=7&retrans=7&sent_bytes=1183865&recv_bytes=23813&delivery_rate=7974256&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=855&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame EAB6 81 B
474 B 22ms
22ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=oiwd0wpz&session_id=d78a55b1-490e-4bde-9fcb-28db46011971&nonce=56e34aa4385c2403&ck=0&m=1

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Date: Tue, 29 Oct 2024 11:14:11 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

OPTIONS
H2 202 ingestion
fp.sofi.com/api/ Frame 0
0 442ms
384ms Preflight 172.64.149.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: attributes,domain,pkey
Access-Control-Request-Method: GET
Origin: https://login.sofibank.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attributes,domain,pkey,tokenFormat
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://login.sofibank.cc
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8da2bd987ce29b7c-FRA
content-length: 0
date: Tue, 29 Oct 2024 11:14:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKrgPn2h2%2F6EkBFaWFSzIjXz7PH7N%2B6dO%2FhatARTqPVwFtlPeXJQgU2gSrC9f2hCYgUjmxkkn7wjeYADhuxfkBrwOwzf3ekiXymtt9Hehgkf8KshoSXYxYQdFox1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1

GET
H2 200 ingestion Show response
fp.sofi.com/api/ 207 B
1 KB 206ms
181ms XHR
text/plain 172.64.149.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Requested by

Host: js.dvnfo.com
URL: https://js.dvnfo.com/devicer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22ace40c79bbdea59f9a8754c166b6deb59667bed273117de754ccaf40800aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

domain: BYFxAcGcC4HpYDYHsDmBLAdgOkkgZmgEYCGGA1lgMaVA
pkey: CwZgjA7BDGBGCcBaW0AMBDRwz1Y+ATAQGyIFgCsAZlRPBemCAUA
attributes: N4IgzgJg1gagpgJzASwPYDsQC4QEYB0uIANCMmAMIZhzoAuy6A5tnQgK5ykCGdbyAI3Z04YbKAYBbOAFV6yADYVuChdhAA2AOxaSIdjQQBBJrTrqAsqgBeihdwD0AVnwAGAAQAKABq5cAbncAGUZ2AA93MIAODQB9DQAWAEp3IwAHNIU4AHU4AQBpZDpnAGYtfBKNL3yACQAVCyDidwVkKDh3AHE4AGMoVBSKAAsEVGkHXBLXNxmPAGVuADNuBGRS8sq9AHc8iFWAN0R1ZYUaPXtmdm5TdQg4AFo7vR7UBVQEABE4NLoh9QAmBJ6O77ZA9OAWOCSd4AT3UUT0aWQYTgCgASrw0OoiKQkSiFF8fn8cIC9O9kGZMRg6jC0nB1BcIGAetw6fc0qtJCs4aQhisIFsVnAqOgeuwEAhaD04ThcP8ycJEGjRK9hGhMLKNK5XGE5VEnNtGBBUFtlWBVQwMNitTq5dq9MzJbQzRb1dbtbr-vaePtuIpuAIsnMek70C6FGqrZqPXbXHopHBrBg4AB5RaLGjmHD3LXx5DSJPoek4ACi4tQdIcACFEK1MKQaGAUBg5nR3tdiyA2JxzqgWQpW+2bjhu-TSEa4CiIB8BOpR3puBAIDW+aD3scVGdSBXaB9eAHuGccCctyBMrxFu9JOoQuhwpEYvEgbiI0xGGIcAAFD4AMXcMApHYEAAH0-d46ADLJ3A+Pt2Gkeh3B-K9eGAgAeVlMjBKl0AcNIIEWYC8MWfwRDCYoiMI-CAD5iGGUZpHcb8-wAuAgNA8DII6GCxXguhEOQug0Iw1oWUtHCKKIkjJ3I-DKMWGi6LGZA4MY39-0AxB2IQCDAy42DeP4hAuUE9CMhE7DcNkyTSJkgiiJoiwwVGc1Fj4ksIFMVTmI0kCwO0zjoP0sxDOMoSzKwsTLLs-CpLIqK5Jo3ICiKdwhEUOh7kYLytJ0qDuLg4KkKMlDTMw0T1Xi6zpMq6jnm4dBfTAbIjUYFgcBhUQ6oaw8f1axAOUYLMQAgfcsHzDtcOYfwBEPOBEmILRtDgKJcFcJxFgECBwVwXpFn+JYNH+TaEm4HpXASL1uG2PImAUXrmH61Z6GOCASiibUnCcAQnFcRYEgEdMEkSbh1ogf5FjlDQIB0RZroEW6SzI2hm3QD8QCMAA5ToghLWJ3wg0U4AgWIVgQbgYTAfwS28OpYl09BickRguTCKmadiHpWjSDmMDYV42dpl43gQOn2HTRBYj5BRFliRY3l4AXYjuIkOfsSQ0kVuXUF4OmsgZzWyaYJXvl+RW0leGEmAwWJUHTTNVe4dXFbAPk7hFmzxTgWI3ggRWPclHn1clJt1Tpn4ej96TPcDjlRBR2IECYOgI+p2n-a9xZ0ol+ryFQPmkRT9n09iJmJXeB31diNtYiJ0xnbRToq38FMSzmGusl4vGGcnWJ2EG5vW9lgRUAT2g3ZL5A0i5DWW7bsACZGhBibd5BfQYQ5Kdnquo4DrWFa34u97ob3GDgFYB7b4upZlo+L+3sjo+v2X5ePusz4QO-Dm0nvSfJm2BAAFa9DoP4bIJYqzYx5sLUW4sRa3zARAoIMdg40GJsXQ8ydQHgMgS8IOccib3zoNHOAmCEE4LGLHJsBDi4kJ6AEMhSDcGUNQYQ6OYASikOwYwihKDqE7y9uw5OsQwCJwEFgxBxshBG0lN3SUItGCXnEZAu4UjhGu0QJTBhxsVbpyUUgvY3AtgwMWBovR3tUA0B5vQaSZjJDsAUAwJWZMthmPNgoS21toRPFIDseGCh4BIDdDgJK2N3AEA8J4FMdJ0ChNbu4f4bh3CKSZnBJIcNbrKlkUcYJeRCh8RCUEdJ-ix7rhyclcwPiboKDkFyMA7QICZLdtkkAABJaxCh3AtNWGAdwUTaCxOYKfIpNTDz1PgAzUprT2mdNFPgIprYpSKCrEUNGcZKl+LmK7VqQR6pMCuKYAJKN1AFK6EEOYQR3BxPCV4PpMSLlxOxucy5cwwmJOScpSQaT1kI0GUWSEEERoQRqIeYkIAtABk2kucGgINBwBKP8JwJQBBRD2hoFFJiohRAgBoEG8z1EIH+YufcwKXa3ASLgIlCRXBHVwFEHoGhkUQASCYnQCQwbvS+j0BICJeSHhCETHZlwOxo3nLysA-KGkqgjGJDcpwxwgD5OKikEAUxoxPPKxVEqqyjC2IYWVp4WZ1FQOwHoQwwKDVWWSdARqTVDFbCsOgcx2AZHAkTfV8q2y2pLIcegTqXXfwgO6hc7AIBYllICNwCQSgJC0E4f4sbcBai0M+EAvi0R1AoACbUuAsCnSiFgL0WASjcG1FgVacosBYq+lgOATg-A1t6AkYgCQXC4HJYQON+AdDPFQKgKAFISzoE4oGkcHB5VvH7IOQ2wpe39uLHeVQ25VhvnQDIVY6ghh8DSGALADgHBvBXfgFygh6pQHwD0HoDg9CShMRKRAa7kDqChD8HkIBLz0FWcQXAxB-hfqiD+1wP7v3-BKD+pt-wNDECcJBpwWgoMAE5iC5lIBAcU2E0zKFUNgFtgGuz5k6jgAwiATBmCwO4QD7htD-so1oKIwF3C+I+AcRAZGKNUeaFR+jFw9kdlYxx2j-G6PuCFu8Qkvw+M0eo5x9wIIwQQihLCCT7HJP0bxKiDElolMCZU+4NTBITZDC01J2j9HySUjEjSOkRnBOmdWOZ9URhmBZGszpvkS9BSShFGKO9ooYQuek8akQCBwyRnQP5kzDGjQmhC2JcLQnHRwGdFK0LcX6PcF9P6XSwZQwxfVKl9wCZCypjtiQ-LhXkxkbg5Jjj+p6ONhRlO3j7gnA1Za5R+DrguN9hUI10wSmOscY6-RicU4Zz9bY0N9wi5lxwFXGgBA43BudfcDudAe4dKzUW+15bPQ0jsAoPYJsW2NCTfPHQS8RljuTeNBjPOdQyZ9Cu8tzI7AV07vI4N797XcD0ZZN1JqLVmBkbaydr7J2NC-fqo1e6pgEADXoGRvwg3IPuC0K4LQ9HfG3Rh49QaZH-iIdR64ajWgyiY6qYjEQqN1TvYo6Tqr9Pyd+MOXlsJzR6fs7ekzjJY9EAsY+6jt6nOhNY+KRMhbAvSck65wxqpIy6lE0aXziXX2pec-g9z6p6BaljJKRLunJRCek417LjZVOehLJWRJ436vNebMXNs3Z+y4As4wNbw3tvTc-JXfJgFxKQX4-V+z8ldv8WEsBdwElhn4nB9V1G+jmrlWCp46YWnwfQOo-j+4RPivkuxcl1G9PCe+XKtVdbwvmeSjF6VUTbVJpDDl4z8mqv7hDXGtNeaj9jei8rete3u1EFtJ+vNgG7vlf6OetNd6sww-XUQDH83tLIa0CI5JxXxaP3TfpooPjnQ7ONBfdWjLl4faB1Dt0vPgXR-qPX665Ots06qCn7gBJ6-zRb8reXYwB9r-XBC7CX-kJjeogHIj-lfoAe-oAfRu+nQO9rGpAR7mEn4AkPRlQOwNYhAO4HUPhmRlGiUCAAAL4EFAA
Referer: https://login.sofibank.cc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: d4ae8e6b-aa42-4f77-ac17-835acf7e42ee
x-envoy-upstream-service-time: 14
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkiHtj2ukVKv1dan2V%2Bo2wr8nncsFXtTWLe0zgO7Hp0npl%2B%2B06LBHM%2BdXm2k%2BKyafK5u6HvdRpI2IKu2QVr3ZrsgCUq5HV0TrnibLgaLyL785Gqr4RvNiAvrrIyS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8da2bd9b09663a68-FRA
access-control-allow-origin: https://login.sofibank.cc
date: Tue, 29 Oct 2024 11:14:12 GMT
server: cloudflare

GET
H3 200 clear(8).png Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame E4F4 0
682 B 67ms
67ms Script
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear(8).png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LoMeB8Zc6S%2B151pyE%2Fp%2FRkVyEiPYj8MaSMlvcOrdDh37sItY0XUfWHeHjSxIlMzUuRSIUUeZOwwZ%2FR5jSHuuHhnsldKbc2f9JvZurM75Tq9sG15Gk7iPnUHrVwDNJHeQ6Hc0lzMN%2BB2UBs7cpxlFhw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22331&sent=1094&recv=205&lost=7&retrans=7&sent_bytes=1235586&recv_bytes=26944&delivery_rate=2223187&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=1024&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd982ff422b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H3 200 es(1).js.download Show response
login.sofibank.cc/Login%20-%20SoFi_files/ Frame E4F4 134 B
822 B 73ms
73ms Script
text/plain 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/es(1).js.download

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a764390bce88dc7824b60dd9a5e63810a2cdf1af4ebbd5df8626c2a6dcfda1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "b7f4ffb7f98480a468977aef11be510c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQHDqKXbaj8LaLaNrUmDjNXWQmCUbJuEZplpb8JMEDv2w%2F76do55wasAKOPzjGfI6YqGJbeherwO1CNkDXMwbK%2BO7g5R%2F8q1%2FdkfesdamUSsDEO7FwzVmLJUTpqrIBlCey8yl7V6txR2ZrdWZlPWsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd982ff522b5-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 134
server-timing: cfL4;desc="?proto=QUIC&rtt=22331&sent=1095&recv=205&lost=7&retrans=7&sent_bytes=1236292&recv_bytes=26944&delivery_rate=2223187&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=1030&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear1.png
login.sofibank.cc/Login%20-%20SoFi_files/ Frame D6F0 0
677 B 59ms
59ms Image
image/png 2606:4700:3030::6815:5d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.sofibank.cc/Login%20-%20SoFi_files/clear1.png

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp

Response headers

cf-cache-status: MISS
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iATSq%2BAXU42r24tH5zzZT9WccBRr8lecHcFIyQJZ1jxgBXg7roXs09oRcnZDdMnzDNknka0TcI08XCMqREb4XUDE3Gjq1piRTCZhLCIoee0wC1BWqb9Hxc%2FQVho3WEQTPlX6x9QPFio7VabcMEpQ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22331&sent=1093&recv=205&lost=7&retrans=7&sent_bytes=1234885&recv_bytes=26944&delivery_rate=2223187&cwnd=175320&unsent_bytes=0&cid=c78e24d50e6a88e3&ts=1022&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 11:14:11 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da2bd98380422b5-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H/1.1 204
204 clear1.png;CIS3SID=68302C8507A09256888A1B670B36D55C
h.online-metrix.net/fp/ Frame D6F0 0
401 B 191ms
19ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=68302C8507A09256888A1B670B36D55C?org_id=oiwd0wpz&session_id=d78a55b1-490e-4bde-9fcb-28db46011971&nonce=56e34aa4385c2403&jf=34333c267369665f7a6e6c3d746c725d55503b59684d48474830763663306c38267b6b645f666974653d33373b303a30303c35332673616c5d767b786735776762386563647b6326736b6c5f6b657b3d3b303d39333831313036383f30633a3e363063673366303230393236303a3a61383636386b653b64303b30333037383b36303238323c3634626162613430676138666a613933606439643932663a663333383c383460306a6430393a36676536616c306230346a37656664363b663d393230666132663c303666613d3131333139643935333f376166366e36386330633d366c61306d31323435693b3a63343f3530653463303237326c3b3935353f346466373069382e73696c5f716967353b32363638303a303666303639343b673934606b34616563323d373e33383c32373934383b3035606c676e653130663839303c376564666a32313534376b37386235313563303131383030323e3b6b38343231656234316637303a3065653463633d383b36623d663b6165386e3567633c646b306330363464616d333035343066303530396d396a613738332473696e7a3f33

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/sid_fp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame E4F4 0
398 B 15ms
14ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=oiwd0wpz&session_id=d78a55b1-490e-4bde-9fcb-28db46011971&nonce=56e34aa4385c2403&jf=33342e6c73623f653e666a65653e666432656e3c6763616a673e343b35643337366c6432626431

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=98
Date: Tue, 29 Oct 2024 11:14:11 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK es.js Show response
st10.sofi.com/fp/ Frame E4F4 134 B
655 B 30ms
15ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/es.js?org_id=oiwd0wpz&session_id=d78a55b1-490e-4bde-9fcb-28db46011971&nonce=56e34aa4385c2403&fr

Requested by

Host: login.sofibank.cc
URL: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f11feaa4fcddd751cf153d65bb466e29135a4f57d650b23f94d479fef8d384cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Date: Tue, 29 Oct 2024 11:14:11 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK check.js;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00 Show response
st10.sofi.com/fp/ Frame 3482 364 KB
65 KB 45ms
45ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/check.js;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&jb=3730262462736d7735446b667d70266a736d3544696c7770246a7362773f416a706d6d67246a736035436a706765672d3a38313330

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&page_id=1&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ea74c039e9b14d055fa3e5dc5d6e3c0c0447e4d2bfd04cbe580c15071fc6b041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Date: Tue, 29 Oct 2024 11:14:12 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
tmx-nonce: c875dc27bc52cfe3
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 3482 81 B
475 B 16ms
15ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 3482 81 B
475 B 49ms
18ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H2 200 favicon.ico
d32ijn7u0aqfv4.cloudfront.net/assets/icons/ 15 KB
16 KB 59ms
9ms Other
binary/octet-stream 99.86.1.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-157.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ae398dbea814491b5f373fa25680e1a7cfdaa9f293e949d89495af91f1bf00d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

x-amz-version-id: WYotLR2IlXrB_IjVQJtvSQ16BNJMDvt_
etag: "3614d0a26a831df997f00b03a831e285"
age: 24123
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: qntGr14rC9HJBdh8_0Nghw_zVZZ8dIH3oxS280l8LED4WxPbrH5PwA==
date: Tue, 29 Oct 2024 04:34:59 GMT
content-type: binary/octet-stream
last-modified: Mon, 07 Dec 2020 14:42:31 GMT
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 15406
x-amz-cf-pop: FRA6-C1
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
server: AmazonS3

GET
H/1.1 200
OK HP
st10.sofi.com/fp/ Frame 8598 0
0 47ms
15ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/HP?session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&org_id=5ugj8dr8&nonce=c875dc27bc52cfe3&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/check.js;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&jb=3730262462736d7735446b667d70266a736d3544696c7770246a7362773f416a706d6d67246a736035436a706765672d3a38313330

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Oct 2024 11:14:12 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame 3482 81 B
533 B 90ms
15ms XHR
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*, 5ugj8dr8/c875dc27bc52cfe32e1b9ebf-8f98-4ddc-802c-3dda66673613
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private, must-revalidate, max-age=0
Etag: e979692c4ed64f158202e7dd8e699118
Connection: Keep-Alive
Expires: Sun, 28 Oct 2029 11:14:12 GMT
Access-Control-Allow-Origin: https://login.sofibank.cc
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 11:14:12 GMT
Last-Modified: Tue, 29 Oct 2024 11:14:12 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK ls_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00
st10.sofi.com/fp/ Frame EF0D 0
0 41ms
20ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/ls_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Oct 2024 11:14:12 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame 3482 0
398 B 19ms
18ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&jb=3136266e7b613f673e6e606d6d3e666632676e3c6563616a673634393764313534666630606639

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=95
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK es.js Show response
st10.sofi.com/fp/ Frame 3482 134 B
654 B 19ms
19ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/es.js?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&data=AAyVIJIo_cUEKtWjguvcCVElCUDmPqbvPA1hJn8ZnT7hZiSLTR-C-H4MY4_2xUjX-kREo7U9ftA7kwLPqSe_dAAub_zEew

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3af826d247e2a4067a962278ccfede0e6346f200d9c7d07b8338809ac58635eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK sid_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00
h.online-metrix.net/fp/ Frame 2358 0
0 41ms
18ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Oct 2024 11:14:12 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00
st10.sofi.com/fp/ Frame 573E 0
0 36ms
16ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/top_fp.html;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.sofibank.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Oct 2024 11:14:12 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
h64.online-metrix.net/fp/ Frame 3482 0
399 B 577ms
156ms Script
text/javascript 2620:f3:0:14:b401:8ee8:4321:ad82
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h64.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&i=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=100
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 204
204 clear.png Show response
st10.sofi.com/fp/ Frame 3482 0
218 B 16ms
15ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&ja=303030352e26613f3e382472353e3026663f393e30327a393030302663643f333432307a333230322e737a7b3539373f3870313137322e6c70703f392e313630322e333032322c333430302e3932323224393438382431323032243936323224333238352e333735322e31333530266f7c3d30356e3d336c3b39343965346a6e32323b6a34366264313a3560326366316134266f663d30247b6b66353a3c266c683f607c7472712d31412532442730446e6d676b6c2e736d6e69606366632c6b6b2d324626726435352472603f65383030666463373735333b3366366d62673a3131316d6a3c61393930313864246a603f6535356061303a30373936313363613c613532306a376d3f6b38343030396e6124687b6d3d4c696c777a246871623f4168726d65652730383931382e62736f753f44616e777a2e687362753f416a706d6f65246c68633f3932246c6c653f302e666d74703f382e747866354775726f72672730444065706e696e246561766a7a353638383b643163306a6d6332306d346363353432323a3063643337353432396666363d303a393c3964366563693a3466613136616662663530313331313b346126667a3d6a767c78712d3b49253246273a4e6c6d65616c2e736f646b60636c692e61612532442e703f72647d65616657666c6171602d354764696e736521726e77656b6c5f756b6e646d7f735d6f6d6c6b6957786c6179677a2d354764696e736521726e77656b6c5f63666f626757616170676a637c2d3d4566616e7b6d21726e7d65696e5f73776b616976696f672535476e616e716d2972647d6f696e5f71606763697569746525354764636e716721726e75676b665f7067696472646971657225374d6e616e716d23706c75656b6c5d746e635d726c617b6d7227374d6e63647b6d21706c776f616e5d666d74616c767027374764636c716721706e7d676b6c577b746f577e696577677a2d354764696e736521726e77656b6c5f68637661273d456463647b672e6f645f633d756d6a676e556d60474c253032332c322732322a4f706766474e273a38475b2d3a30322e322d3a30416a7a6d6d69756f2b556760454c273030474e5b4c2730384d512d3a38312e30273a38284d726d6c474c2530324751273030454e534c273a3047512d3a3239263825323041607a6f6f6b7d6f29576560496b76556762496b742530385767604f4443464f44455f696c7b7c616c616d665f617270637b71273142273030455a5c5f606e6d66665765616e6d617a2d3b422730384758545f616e6b725d616f6c76726f6e2d3340273a3847505c57636f6c6d7a576277646e67725f68636e645d646e6f63762533402d323247505c5d6c6d7874685f6164696d72273b40253230475a565d646e6f63765f626e6d6e66273b4a273a384d58545f647a69675d666d7274682531402730324758565d706f6e71676d6c5767646e7b6d745f636e69657027314a273230455a565d716a636467705f7467707477706d576e676c2d33422530384d58565d7c6778747570675d616d6f70706773736b676e5d60787c612d3b4a25323047505c5f766770767572655d616d6f7270657171696f6c577265766b2d314a2d3a30455856577c657a767d70655f666b6e7667705d616c6b736f767a6f726b6b2d314a2d3a30455856577c657a767d70655f6d6b70706d705d636e636d705d7c6f5d676c6f672d3b4a25323047505c5f71504f402533422730324d47515f676e656d6766745d6b666c6770577d696e74273b4a2530324747535f66606d5d70676c6467705f6d6b786d63722d3b402d3a384f45535d7b7c616c666970645f6467706b7463766974677325314a253032474d51577c6d787475706d57666e6d69762533422730324d47515f76677874777a655d646467637c5764696e65637a2d3340273a324f45535d76677a767772675d68616e6e5f646e6769762d3b4a2532304d4d5b5f766770767572655d6a636e645d666e6d61745d64696c67697a273b4a2d32304f475b577667707c67785f617070637b5d6d6268676374273b422730385f474a4f445f636f6e677a5f60776e6465725f646e6d6376273340273230554d42454e576b6d65787a657373676c5774677a7c7772655f6371766127314227303057474a474e5d6b676f787a6d73736566577c657a767d70655f65766127314027323255454245445f616d6578706d7b7b65645f766d707477706d5d65746333273140273030554742474e57636d6f787a677b7b6d645f7467707c7570675771337463273140273032574740474c5d6b6f6f727a6d717b6d6c5f74657a7c7d72675d7b3174635f7170656027314227303057474a474e5d6c6d607d6f5772656e666d7a65705d616c666f253140273032554540454c5f666d627765577b6a696c6d727325314a2d3232554d40474c5f666772766a5d74677a7475706d2531402d3a325f4d4a474c5f667a69775d607d6466657271273140273030554742474e576c6d716d576167667c657874273b4a2530325f4742474c5d6f776e766b5f66706177273b422730385f474a4f445f706f6e716f6f6c5d656d6465313424656e5d6a3d3a346633613034633a3f39603c306d616438363e31616636693562356334323a603a636437373136247f676e7435416c7c6d642532304b666b2e24756f6e723d496c76676e2730304b706973273a304d726d6645442d3a30456e656166652465646a5f683d30663a3531333435603837336b3467663d3060393a693165643b3b386431676d346434343b603b60&jb=3333342464713f4f67726b646469253246372638253032205a31312531402730324e696c7778253038783a34573e36212d3a30417072646d576760436b742532443731352c3136273030284940544f4e2d3a412d3a386c696b672d3a3045676b696f29253032416a706d6d67273246333b302c3226382c382d3a30536164697a6927304e3733372e3134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=98
Date: Tue, 29 Oct 2024 11:14:12 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK clear.png
5ugj8dr8qqofnrcvzrv63gp6jbdczcyeswza3nqec875dc27bc52cfe3am1.e.aa.online-metrix.net/fp/ Frame 3482 81 B
438 B 80ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ugj8dr8qqofnrcvzrv63gp6jbdczcyeswza3nqec875dc27bc52cfe3am1.e.aa.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&di=yes

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 204
204 clear3.png;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00 Show response
st10.sofi.com/fp/ Frame 3482 0
218 B 17ms
17ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear3.png;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&jac=1&je=3a3426246565666a3520312d3a4b312532413b2d32413a3e6465393833373a353433666063353061316437316b3b663d6b39353037346e3165643a38663664633536343164633837673231323d3963333e69373b303129

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=97
Date: Tue, 29 Oct 2024 11:14:12 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 204
204 clear1.png;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00
st10.sofi.com/fp/ Frame 3482 0
400 B 16ms
16ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear1.png;CIS3SID=08EF772B7A09647A1D18C1AD90E47B00?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&jf=363138247b69665d7a6666357c6c725f555b52584c323544436f4b464a6e7265247169665d6461766d3d33353b383038383c35312671616c5f767b78673d776560386761667161247169645d63657b3f3b3837313b3831333034383f32633a3e363863653166323032333034323832633036363a6b6d316c383b30313035383b343032383234363660616063363a65633a64626331336066396c333a6e3a6631333a3c383660306a643839383467673463663260323662356d6664343b6e37313a30666332643c303466613d313933333b643b373135356364346634306330613d3e6669386d31303437693b3863343f35386536613030353066393b373737366c6637326930247b616c5f736965353b3036343830323130323a326767666431663036366a373b643f3a613c3b3f3530633b6c306631666e306530333a303537606038303734343a3d303132693f663c6c3d643334306b3e6432303a33303039373566356366323a306265313c3967363f6d366d6a6e3632633a3f3e6364376c35633035373560613b63313a326331376e3232306b38376d3f30653835353d2e736b647a3f30

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame 3482 0
398 B 14ms
14ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=2e1b9ebf-8f98-4ddc-802c-3dda66673613&nonce=c875dc27bc52cfe3&jac=1&je=343933242e6a646c353b3a2e626e683d34663e3b63323a3831636537343b313b606462616166393a6a653733393f313e2e6266746e3f38323833383b3a2677696b3f3335302c31352c302e363b2c33322639303126382e3637247f6d693f363d2c3134312c3337302c3537247569363f3a30323332696130323a303a336338383a333239303a38643760386737333138676563362e706f3f6667246a697c73743d273f4a253030646776656c273030273143312c323025304b2530307b7c637c7d7b253232273b492530306b6a6172676b6c652730302535462661776c683f61693f60316d3e653638336b6b6161346e30613763333b303b31343336346235613b31353b3e6a366c306c643438343838333a646d366630336461663a363739246778333f6b3131613c6d323d316d383164323f3f6631646c603064383a35633b3a3634633a6265613b6331602e6d7a3c356b373837363a3a3863636e3b32373432633160643765323b6265643e376461382e77696035253742273a3a617061606b7465637677706727303227314125303a2530302d3a412d3a3a6269746c6d7b7327303a273341253030273030273241273232607a616c667b2d303a2d3b412535402d3d4427304b27323266776e6e546770736b6d6e4c6b7b7427303a2d31492d3d422535462d3a4327303a6f6f62696e6727303027334364616c716d2530412d3a3065676c656c25303a2d3343273a30253232273041273030706e6374666d7a6d27303a2d31492d3a322532302d3a4327303a726c6174646d706f546772716b6f6e273a322731492d303a2d3a322532412d3a32756d7f343425323027314364636c71672537462e75636e352d354a2d3a32627263666c7327303a2733412537402737462732412732326f67626b6e6d2d303a2d3b4166616e7b6d2530412d3032706c6376646d706f2530302533432d3230273a3a273f4c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.sofibank.cc/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=93
Date: Tue, 29 Oct 2024 11:14:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SoFi (Financial)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sofibank.cc/	1970-01-21 00:38:06	Name: SOFI_USER_DNT Value: null
st10.sofi.com/	1970-01-21 10:12:40	Name: thx_guid Value: 7595080d400b92f55f57d3de3c6cad41
st10.sofi.com/	1970-01-21 10:12:40	Name: tmx_guid Value: AAyUdmixU6i2uIsLk779Vq6bjmDRWs6IEgJqmr1BgIZ3D4fq6FdDZfbLgyiLhZPw1w-z1ysoFcaWvUbIeSTHnbf99yXzAQ
.sofibank.cc/	1970-01-21 00:38:06	Name: SOFI_TXM_SESSION_ID Value: 2e1b9ebf-8f98-4ddc-802c-3dda66673613
fp.sofi.com/	1970-01-21 10:12:40	Name: soc_visitor_id Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjp7InNlc3Npb25faWQiOiIyN2UwM2VlMy01ZWMxLTQ1MjAtYjcxNS0zMzVmZmM3ZGYwYjkifX0.nZ-UnP4G9pR7aX5SvphMMGLJM_-8HEd2uuQGhaES-qN_26OSDzEMqaXREHsSHID8vZ6omNu6W0cw7JQ9NvmIaw
.sofi.com/	1970-01-21 00:36:42	Name: __cf_bm Value: cZq8d8G9x41Se.ruUHpoc3xwnS4_baXRINgIIdXr1ds-1730200452-1.0.1.1-.OGC_z69OMstR2sxWAfW1FF2m2fLQXdRhXq_qhFl6C2q2Y1_CYYjYVBCxvLtT15IdXfKiUPCwpWQuKbgnHGfYA
.sofi.com/	1969-12-31 23:59:59	Name: _cfuvid Value: mjbRQOIB5aXQrO2fMu7kK33F.Of9k73aTckPRvAe1b0-1730200452497-0.0.1.1-604800000
.sofibank.cc/	1970-01-21 00:38:06	Name: SOFI_FP_SESSION_ID Value: d6c38787-ed3d-4f42-99f2-6129a598cc03eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjp7InNlc3Npb25faWQiOiIyN2UwM2VlMy01ZWMxLTQ1MjAtYjcxNS0zMzVmZmM3ZGYwYjkifX0.nZ-UnP4G9pR7aX5SvphMMGLJM_-8HEd2uuQGhaES-qN_26OSDzEMqaXREHsSHID8vZ6omNu6W0cw7JQ9NvmIaw

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://login.sofibank.cc/ Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/datadog-rum-v4.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/ Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/tags.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/ Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/devicer.min.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/ Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/otSDKStub.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/ Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/api.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
rendering	warning	URL: https://login.sofibank.cc/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0407202E4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	error	URL: https://login.sofibank.cc/ Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/otBannerSdk.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear.png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/es.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear(2).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear(3).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear(4).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear3.png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/HP Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/check(1).js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/HP Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/ARF' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear(5).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear(6).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear3(1).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear3(2).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear3(2).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/check.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/clear(8).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.sofibank.cc/Login%20-%20SoFi_files/ls_fp Message: Refused to execute script from 'https://login.sofibank.cc/Login%20-%20SoFi_files/es(1).js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
rendering	warning	URL: https://login.sofibank.cc/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D00E4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://login.sofibank.cc/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D00E4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://login.sofibank.cc/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A07202E4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ugj8dr8qqofnrcvzrv63gp6jbdczcyeswza3nqec875dc27bc52cfe3am1.e.aa.online-metrix.net
cdn.cookielaw.org
challenges.cloudflare.com
d32ijn7u0aqfv4.cloudfront.net
d3331otr86r7j1.cloudfront.net
fontmetrics.net
fp.sofi.com
h.online-metrix.net
h64.online-metrix.net
js.dvnfo.com
login.sofibank.cc
st10.sofi.com
172.64.149.225
18.66.122.87
2600:9000:2251:c800:10:8d:3740:21
2606:4700:3030::6815:5d5
2606:4700::6812:572a
2606:4700::6812:5e29
2620:f3:0:14:b401:8ee8:4321:ad82
54.213.54.85
91.235.132.130
91.235.132.67
91.235.134.131
99.86.1.157
079fac1c9dfc450804055fe738429eeff1643ee0ebf96026cc1f599942ef2a4b
0ae398dbea814491b5f373fa25680e1a7cfdaa9f293e949d89495af91f1bf00d
0c26662aa165b09133ec1e69f03327822ffcdeecb2e8dc3e075c3b14c816c5b9
0f51bfea694d99efdac2e8223be8bfa713bee494c44605fec6a2e721f992dce5
16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef
1a764390bce88dc7824b60dd9a5e63810a2cdf1af4ebbd5df8626c2a6dcfda1b
281f77331b6fcd4f1db65eda99cee9c7478055127ca878edddc20c380c03df6c
2bc10458f3da34e07a6e8314a21f932b30ff26f77dfe79cb6c36eb07234c3da4
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611
3af826d247e2a4067a962278ccfede0e6346f200d9c7d07b8338809ac58635eb
4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a
430052c76cc922dff1176f4d5a3070526db475ae6a4c9d863c0bac35118d12a7
43e8b484d3d5c4b99cc89ce2b933186779acad8d8cc203b204fa76425617fc23
45cdeb55dbb51244e8ad1f45d3dc665f8c869ed22c38bf98e99169147d385b6d
5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f
5e400ca375e8867f005e84c0d80362858465d14b5517eab70ee83e01250dcb1d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
734b5f8af2a3d77d664c4306cd97ba44f4f065966d57c34c094db079a51a7e57
7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c
8d2350225a4fee2f14cbba05ebdb555c906b10f29143c471c8addbdff40f8f2e
92cb567a8664f14bd017573f79ca0ad1414c318a97f66681524111b4bb517215
9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
ae2201480399508c818dda54ecbd092857fc348d9bca0f3cc2b7bc0dd269dbad
c3087446afe87c5da27035fd77db71f3d9911966b3cd33a452f80d731fbf8159
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea74c039e9b14d055fa3e5dc5d6e3c0c0447e4d2bfd04cbe580c15071fc6b041
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f11feaa4fcddd751cf153d65bb466e29135a4f57d650b23f94d479fef8d384cf
f22ace40c79bbdea59f9a8754c166b6deb59667bed273117de754ccaf40800aa
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
faf42b8c9fdc4af3c81d6f65a23307dbdd32de18248c9b8d4dddb3db6d5cab55
fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

login.sofibank.cc Open in urlscan Pro 2606:4700:3030::6815:5d5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

42 %IPv6

8 Domains

12 Subdomains

13 IPs

1 Countries

1789 kBTransfer

2795 kBSize

8 Cookies

9 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.sofibank.cc Open in urlscan Pro
2606:4700:3030::6815:5d5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

42 %
IPv6

8
Domains

12
Subdomains

13
IPs

1
Countries

1789 kB
Transfer

2795 kB
Size

8
Cookies

72 HTTP transactions
1 data transactions