www.sofi.com Open in urlscan Pro
104.18.15.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ablink.o.sofi.org/ls/click
Effective URL:
https://www.sofi.com/app-download.html
Submission: On September 03 via api (September 3rd 2021, 1:31:43 am UTC) from US

Summary HTTP 169 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 71 domains to perform 169 HTTP transactions. The main IP is 104.18.15.42, located in and belongs to CLOUDFLARENET, US. The main domain is www.sofi.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 19th 2020. Valid for: a year.

This is the only time www.sofi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.52.150.75 52.52.150.75	16509 (AMAZON-02) (AMAZON-02)
17	104.18.15.42 104.18.15.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.112.63 13.32.112.63	16509 (AMAZON-02) (AMAZON-02)
14	13.32.118.202 13.32.118.202	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
5	2600:1f18:24e... 2600:1f18:24e6:b901:343e:fcbb:d36e:974c	14618 (AMAZON-AES) (AMAZON-AES)
2	52.72.27.138 52.72.27.138	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.13.2 151.101.13.2	54113 (FASTLY) (FASTLY)
2	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY)
1	18.66.97.26 18.66.97.26	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.50 13.32.121.50	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:1800:16:cfb1:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4	159.203.152.45 159.203.152.45	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	54.175.65.195 54.175.65.195	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.230.83 34.120.230.83	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	18.219.93.205 18.219.93.205	16509 (AMAZON-02) (AMAZON-02)
3	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	3.224.194.150 3.224.194.150	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:224... 2600:9000:2240:1400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2 3	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 33	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
11	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.202.228.151 52.202.228.151	14618 (AMAZON-AES) (AMAZON-AES)
1	104.21.83.150 104.21.83.150	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:223... 2600:9000:223c:2a00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
3	199.232.80.84 199.232.80.84	54113 (FASTLY) (FASTLY)
2	34.120.121.20 34.120.121.20	15169 (GOOGLE) (GOOGLE)
4	151.101.13.208 151.101.13.208	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.176.195.187 35.176.195.187	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	52.59.115.28 52.59.115.28	16509 (AMAZON-02) (AMAZON-02)
2 2	54.93.133.131 54.93.133.131	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	18.196.210.39 18.196.210.39	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:542e:84b1:1361:c28e	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	18.66.108.171 18.66.108.171	16509 (AMAZON-02) (AMAZON-02)
1	3.94.65.142 3.94.65.142	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.231.184.117 34.231.184.117	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.17.185.148 52.17.185.148	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	3.125.192.222 3.125.192.222	16509 (AMAZON-02) (AMAZON-02)
1 1	35.170.144.83 35.170.144.83	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	34.236.226.59 34.236.226.59	14618 (AMAZON-AES) (AMAZON-AES)
1	52.48.23.163 52.48.23.163	16509 (AMAZON-02) (AMAZON-02)
2 2	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	13.32.121.33 13.32.121.33	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.141.248 45.79.141.248	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
169	50

1 52.52.150.75 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-150-75.us-west-1.compute.amazonaws.com

ablink.o.sofi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.18.15.42 (None, )

ASN13335 (CLOUDFLARENET, US)

www.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.112.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-112-63.fra60.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.32.118.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-202.fra60.r.cloudfront.net

d32ijn7u0aqfv4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:24e6:b901:343e:fcbb:d36e:974c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.27.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-27-138.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

6375438.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b9::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.26 (United States)

ASN16509 (AMAZON-02, US)

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-50.fra60.r.cloudfront.net

tlxgvxfc.micpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1800:16:cfb1:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.203.152.45 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rbx.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.65.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-65-195.compute-1.amazonaws.com

contentdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.230.83 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 83.230.120.34.bc.googleusercontent.com

tgtag.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.219.93.205 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-93-205.us-east-2.compute.amazonaws.com

collector-11685.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.194.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-194-150.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:1400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.14 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 209.54.178.82 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.202.228.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-228-151.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.83.150 (None, )

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:2a00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.121.20 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 20.121.120.34.bc.googleusercontent.com

api.trafficguard.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.13.208 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

sdk.iad-03.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.191 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.195.187 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-195-187.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.115.28 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.133.131 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-133-131.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.210.39 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-210-39.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:542e:84b1:1361:c28e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.108.171 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.65.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-65-142.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.184.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-184-117.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.185.148 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-185-148.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.192.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-192-222.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.144.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.226.59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-226-59.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.23.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-23-163.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.72 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.33 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-33.fra60.r.cloudfront.net

pixel.placed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.141.248 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-15.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	24 KB
21	sofi.com www.sofi.com rbx.sofi.com analytics.sofi.com	165 KB
14	cloudfront.net d32ijn7u0aqfv4.cloudfront.net	775 KB
11	facebook.com www.facebook.com	1 KB
9	doubleclick.net 3 redirects 6375438.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
6	google-analytics.com www.google-analytics.com	20 KB
6	yahoo.com 2 redirects sp.analytics.yahoo.com ups.analytics.yahoo.com cms.analytics.yahoo.com	5 KB
6	facebook.net connect.facebook.net	309 KB
5	google.com www.google.com adservice.google.com	767 B
5	datadoghq.com rum-http-intake.logs.datadoghq.com	466 B
4	braze.com sdk.iad-03.braze.com	1 KB
4	google.de www.google.de	252 B
4	adnxs.com 2 redirects acdn.adnxs.com ib.adnxs.com	6 KB
4	branch.io cdn.branch.io api2.branch.io	25 KB
3	bluekai.com 3 redirects tags.bluekai.com	2 KB
3	pinterest.com ct.pinterest.com	1009 B
3	stackadapt.com tags.srv.stackadapt.com	2 KB
3	bing.com bat.bing.com	9 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	98 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	530 B
2	tapad.com 2 redirects pixel.tapad.com	934 B
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects us-u.openx.net	516 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	741 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	498 B
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	779 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	998 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	657 B
2	bidswitch.net 2 redirects x.bidswitch.net	882 B
2	adsrvr.org 2 redirects match.adsrvr.org	910 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	fontawesome.com use.fontawesome.com	8 KB
2	trafficguard.ai api.trafficguard.ai	1 KB
2	tvsquared.com collector-11685.tvsquared.com	9 KB
2	yimg.com s.yimg.com	7 KB
2	quora.com a.quora.com q.quora.com	14 KB
2	pinimg.com s.pinimg.com	18 KB
1	taboola.com 1 redirects sync.taboola.com	299 B
1	ispot.tv 1 redirects pi.ispot.tv	343 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	612 B
1	exelator.com loadus.exelator.com	324 B
1	placed.com 1 redirects pixel.placed.com	569 B
1	rubiconproject.com 1 redirects token.rubiconproject.com	332 B
1	mookie1.com 1 redirects odr.mookie1.com	600 B
1	samba.tv 1 redirects ads.samba.tv	292 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	889 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	759 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	484 B
1	agkn.com 1 redirects aa.agkn.com	336 B
1	getrockerbox.com getrockerbox.com	707 B
1	mparticle.com jssdkcdns.mparticle.com	1 MB
1	app.link app.link	562 B
1	reddit.com alb.reddit.com	125 B
1	rlcdn.com di.rlcdn.com	66 B
1	tgtag.io tgtag.io	21 KB
1	contentdsp.com contentdsp.com	5 KB
1	c212.net cdn.c212.net	1 KB
1	micpn.com tlxgvxfc.micpn.com	15 KB
1	redditstatic.com www.redditstatic.com	7 KB
1	googletagmanager.com www.googletagmanager.com	105 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	21 KB
1	sofi.org 1 redirects ablink.o.sofi.org	398 B
0	survata.com Failed px.surveywall-api.survata.com Failed
169	71

	Domain	Requested by
33	s.amazon-adsystem.com	1 redirects 6375438.fls.doubleclick.net s.amazon-adsystem.com
16	www.sofi.com	www.sofi.com www.datadoghq-browser-agent.com
14	d32ijn7u0aqfv4.cloudfront.net	www.sofi.com
11	www.facebook.com
6	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com
6	connect.facebook.net	www.sofi.com connect.facebook.net
5	rum-http-intake.logs.datadoghq.com	www.datadoghq-browser-agent.com
4	sdk.iad-03.braze.com	www.datadoghq-browser-agent.com
4	www.google.de
4	www.google.com
4	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
4	rbx.sofi.com	www.sofi.com rbx.sofi.com
3	tags.bluekai.com	3 redirects
3	ct.pinterest.com	www.datadoghq-browser-agent.com
3	api2.branch.io	www.datadoghq-browser-agent.com
3	tags.srv.stackadapt.com	contentdsp.com www.datadoghq-browser-agent.com
3	ib.adnxs.com	2 redirects
3	sp.analytics.yahoo.com
3	6375438.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	image6.pubmatic.com	2 redirects
2	pixel.tapad.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	use.fontawesome.com	jssdkcdns.mparticle.com use.fontawesome.com
2	api.trafficguard.ai	www.datadoghq-browser-agent.com
2	collector-11685.tvsquared.com	www.sofi.com
2	s.yimg.com	www.sofi.com www.datadoghq-browser-agent.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	errors.client.optimizely.com	www.datadoghq-browser-agent.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	pixel.placed.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	beacon.krxd.net	s.amazon-adsystem.com
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	sync.targeting.unrulymedia.com	1 redirects
1	aa.agkn.com	1 redirects
1	analytics.sofi.com	www.datadoghq-browser-agent.com
1	getrockerbox.com	rbx.sofi.com
1	adservice.google.com	6375438.fls.doubleclick.net
1	jssdkcdns.mparticle.com	www.sofi.com
1	app.link	cdn.branch.io
1	q.quora.com
1	alb.reddit.com
1	di.rlcdn.com	www.googletagmanager.com
1	tgtag.io	www.sofi.com
1	contentdsp.com	www.sofi.com
1	acdn.adnxs.com	www.sofi.com
1	cdn.c212.net	www.googletagmanager.com
1	tlxgvxfc.micpn.com	www.sofi.com
1	cdn.branch.io	www.sofi.com
1	www.redditstatic.com	www.sofi.com
1	a.quora.com	www.sofi.com
1	www.googletagmanager.com	www.sofi.com
1	static.cloudflareinsights.com	www.sofi.com
1	www.datadoghq-browser-agent.com	www.sofi.com
1	cdn.optimizely.com	www.sofi.com
1	ablink.o.sofi.org	1 redirects
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
169	84

This site contains links to these domains. Also see Links.

Domain
sofi.app.link
www.nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
*.sofi.com Go Daddy Secure Certificate Authority - G2	`2020-10-19` - `2021-11-20`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-17`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
errors.client.optimizely.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
quora.com R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.micpn.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.c212.net DigiCert SHA2 High Assurance Server CA	`2019-11-19` - `2022-01-05`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
rbx.sofi.com R3	`2021-07-07` - `2021-10-05`	3 months	crt.sh
content.to Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
tgtag.io GTS CA 1D4	`2021-08-26` - `2021-11-24`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2021-09-15`	2 months	crt.sh
*.tvsquared.com Amazon	`2020-10-16` - `2021-11-14`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.quora.com R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.trafficguard.ai Sectigo RSA Domain Validation Secure Server CA	`2021-03-25` - `2022-03-25`	a year	crt.sh
*.iad-03.braze.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.sofi.com/app-download.html
Frame ID: 0EC65017D65A996B2FD17028C0F89FF8
Requests: 124 HTTP requests in this frame

Frame: https://6375438.fls.doubleclick.net/activityi;dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html
Frame ID: 082D7FA8E68CF75D844377BA962BFD5C
Requests: 2 HTTP requests in this frame

Frame: https://di.rlcdn.com/710883.html
Frame ID: 939365BEFC58EC897B29A6EA06E2C63A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=914119576978372700&dcc=t
Frame ID: C746F4D3FD36291AC806F3B61F0A4313
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo
Frame ID: 422BB766EBE02A892B0B0ED6C120E149
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SoFi App Download

Page URL History Show full URLs

http://ablink.o.sofi.org/ls/click HTTP 307
https://www.sofi.com/app-download.html Page URL
https://www.sofi.com/app-download.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

169
Requests

98 %
HTTPS

26 %
IPv6

71
Domains

84
Subdomains

50
IPs

9
Countries

2922 kB
Transfer

6304 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://sofi.app.link/9PWl9h1gs4/
Title:

Search URL Search Domain Scan URL

URL: https://sofi.app.link/iXoJohohs4/
Title:

Search URL Search Domain Scan URL

URL: http://www.nmlsconsumeraccess.org/
Title: (www.nmlsconsumeraccess.org)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ablink.o.sofi.org/ls/click HTTP 307
https://www.sofi.com/app-download.html Page URL
https://www.sofi.com/app-download.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ablink.o.sofi.org/ls/click HTTP 307
https://www.sofi.com/app-download.html

Request Chain 36

https://6375438.fls.doubleclick.net/activityi;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html HTTP 302
https://6375438.fls.doubleclick.net/activityi;dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html

Request Chain 84

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=914119576978372700 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=914119576978372700&dcc=t

Request Chain 125

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=5PHGvQ99999q2EaC

Request Chain 126

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=164881003898000006364&ex=neustar.biz

Request Chain 127

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5774301286 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5774301286 HTTP 302
https://sync.1rx.io/usersync/tradedesk/bc8ee7db-f853-4ff1-a902-3c9df281e17e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f5ff8707-3c0c-451e-ab6a-e411832e1c1f-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-f5ff8707-3c0c-451e-ab6a-e411832e1c1f-003%26ex%3Drhythmone.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=RX-f5ff8707-3c0c-451e-ab6a-e411832e1c1f-003&ex=rhythmone.com

Request Chain 128

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=0d3126e141e7ab166892e83146a9da11

Request Chain 129

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=UMJ31Q99999q2EaC

Request Chain 130

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPab05d729-0c56-11ec-9d7d-02eadc0512aa HTTP 302
https://s.amazon-adsystem.com/ecm3?id=b4114a5712198578f7d859d2548503278a4fd425&ex=aoldisplay.com

Request Chain 131

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=04cfa1c9-8617-4440-9870-87461c323f7e

Request Chain 135

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=be28bd1d3a214546e7029d58f9eb1c&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 136

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 138

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e178bb18b11233ec

Request Chain 139

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=bsniHK9SRsSsM7PZHRWCjw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=bsniHK9SRsSsM7PZHRWCjw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91282974461822426520882031666911645302

Request Chain 140

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=x-f9XwDRQmKRX3T8u_-2zg HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10821164742302747447&gdpr=&gdpr_consent=

Request Chain 142

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=9031033078855513488

Request Chain 143

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=ab455ab2-0c56-11ec-b8de-10d4c6b20406 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=ab455a56-0c56-11ec-b8de-10d4c6b20406

Request Chain 144

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%222b4789b4-a37c-4e64-b89a-b1d968b7ad97%22,%22Time%22:%2220210902T213132.191802%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=2b4789b4-a37c-4e64-b89a-b1d968b7ad97

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEOEuJmqC1x-xClzNp0qoBjs&google_cver=1

Request Chain 146

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 147

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8f6d8ff9d9582f1a98e53beb00200407

Request Chain 148

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=e618c6a5-00ac-cfe9-3831-36e7afcfc0e1

Request Chain 149

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KGNNxENoj59XVRiCqzgwbDc4dAU4ZgIC

Request Chain 150

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=999B04EF0211E2A

Request Chain 151

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8804190116087319814&ex=appnexus.com

Request Chain 152

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=mxP_OhKwHw6evDslGPWAgA&ex=rubiconproject.com&status=ok

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=qtCUW7OJRZiHgvZZ6kranw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 154

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-4dc3de8c-1758-436c-8589-d2a38213d7be&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-4dc3de8c-1758-436c-8589-d2a38213d7be HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-4dc3de8c-1758-436c-8589-d2a38213d7be&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-4dc3de8c-1758-436c-8589-d2a38213d7be HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-4dc3de8c-1758-436c-8589-d2a38213d7be

Request Chain 156

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DF67A31617D47D09602F4F40A

Request Chain 157

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-4U.4foB1l2OH7hMRkbLH1_OWoO.y.Io-

Request Chain 158

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=6a4150aff59589bb039310ae7d3e257e0eeec3e7d753a773d656d6dba0b99485

Request Chain 159

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2E56D3F2-7514-4CBA-B263-3B72E9C363E7

Request Chain 160

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1630090234400%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=UMJ31Q99999q2EaC

Request Chain 161

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4197a0e9-f9e3-4a38-925a-dde9afc0efc6-tuct82b0074

169 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

app-download.html Show response
www.sofi.com/
Redirect Chain

http://ablink.o.sofi.org/ls/click
https://www.sofi.com/app-download.html

9 KB
10 KB

77ms
28ms

Document
text/html

104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d3e3d9c7b9de2a66068db2e76ebd545ede4bcbd643e5a8dbea5af7993d4e43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.sofi.com
:scheme: https
:path: /app-download.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:25 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; path=/; expires=Fri, 03-Sep-21 02:01:25 GMT; domain=.sofi.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuDejjlcWoVeujVb3%2FmuvyzXI2qNxTZgOHl6rgGdoa0n1DgszUEMAgAW4fvuKr8lT0u6oFmOY%2BHcFjOGFLpamMclwLHI9%2Bf3AWbx99WQaNn3m9LJg%2BXNIwfa4o21CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 688b37edbf9dedeb-CDG

Redirect headers

Server: openresty
Date: Fri, 03 Sep 2021 01:31:25 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
location: https://www.sofi.com/app-download.html
cache-control: no-cache
branch-server-fallback: Branch-Server-Fallback
esp-server-fallback: Error-Response-Email-Server-Provider

GET
H2 200 v1 Show response
www.sofi.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 36 KB
13 KB 71ms
71ms Script
text/javascript 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=688b37edbf9dedeb

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55edcf1a6c0f157cc8c9b38bf21c2a47ade7b29efa264010ac607100a3c50a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=688b37edbf9dedeb
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJfG0kVMJXN7Ei34tezQx9q2E94qaV0cr8QgiCZvzBWd8anBC%2BjrsgBRBemzqqujjo8YXr8Li58PGCNWBG%2F7OnCkY6P1dB%2BLY6%2FDwnEsbXVyy92wBmAPQGUI7LP6pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=0, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 688b37edffcaedeb-CDG

GET
H2 200 transparent.gif
www.sofi.com/cdn-cgi/images/trace/jschal/js/ 42 B
197 B 20ms
19ms Image
image/gif 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=688b37edbf9dedeb

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=688b37edbf9dedeb
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 12:02:46 GMT
server: cloudflare
etag: "611e4866-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 688b37edffccedeb-CDG
vary: Accept-Encoding
content-length: 42
expires: Fri, 03 Sep 2021 03:31:25 GMT

GET
H2 200 transparent.gif
www.sofi.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 19ms
19ms Image
image/gif 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=688b37edbf9dedeb

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=688b37edbf9dedeb
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 12:02:46 GMT
server: cloudflare
etag: "611e4866-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 688b37edffcdedeb-CDG
vary: Accept-Encoding
content-length: 42
expires: Fri, 03 Sep 2021 03:31:25 GMT

POST
H2 200 3fce613e910f6fb Show response
www.sofi.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.40631555095987293:1630631427:8127455800c1adc432f6a41bead79d4fcb2a63a78aece6ef4bbe89e54ade1549/688b37edbf9dedeb/ 88 KB
39 KB 90ms
89ms XHR
text/plain 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.40631555095987293:1630631427:8127455800c1adc432f6a41bead79d4fcb2a63a78aece6ef4bbe89e54ade1549/688b37edbf9dedeb/3fce613e910f6fb

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=688b37edbf9dedeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269388e6fcbb383445b8af330aa378fc02e2d0841be4d580298f35c073b6d445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.sofi.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_prog=e
content-length: 1771
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.40631555095987293:1630631427:8127455800c1adc432f6a41bead79d4fcb2a63a78aece6ef4bbe89e54ade1549/688b37edbf9dedeb/3fce613e910f6fb
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 3fce613e910f6fb
:method: POST
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 3fce613e910f6fb
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Sep 2021 01:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6eyw2%2FCDkv4MIyLkB2648nXTkWS94LFD0wg34tazGSVIFywn1MgIHdjzj6EPsSnmFe2Zv%2BCVBGRThQlzLElDOEwEjt4yXk3HWaL0hZErABzJUSA0epAWzG2D42tYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_3fce613e910f6fb=2d45a91860c0180;SameSite=Strict;Secure;HttpOnly
strict-transport-security: max-age=15552000
cf-ray: 688b37eed85bedeb-CDG

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 3fce613e910f6fb Show response
www.sofi.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.40631555095987293:1630631427:8127455800c1adc432f6a41bead79d4fcb2a63a78aece6ef4bbe89e54ade1549/688b37edbf9dedeb/ 2 KB
2 KB 180ms
179ms XHR
text/plain 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.40631555095987293:1630631427:8127455800c1adc432f6a41bead79d4fcb2a63a78aece6ef4bbe89e54ade1549/688b37edbf9dedeb/3fce613e910f6fb

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=688b37edbf9dedeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c99c32c2af2f3e1b30815407cf3088e3a7250d7c3097b7060aded3410773029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.sofi.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_3fce613e910f6fb=2d45a91860c0180; __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_prog=a2
content-length: 18384
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.40631555095987293:1630631427:8127455800c1adc432f6a41bead79d4fcb2a63a78aece6ef4bbe89e54ade1549/688b37edbf9dedeb/3fce613e910f6fb
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 3fce613e910f6fb
:method: POST
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 3fce613e910f6fb
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Sep 2021 01:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf_chl_out: hWp71+TLcf3HvMusMxaGHL4gQkeexHE5bTIgf42gThzKmxzo/SI0GWQYIHE1/FrXc2d4StLA9fjMxKwnlq6s+9VXX/K9yNUjJAk5Bh0ORPUg3WAKhm7g4rWbuYG1fAPygrj+1dEqikl0ECiDw9YFpuO2ru0QDHplyJwIrkiGeDo=$jWaNUHK2C/BsEUB+VHzdTg==
strict-transport-security: max-age=15552000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fxf3%2F2QeOMGBX7tWi%2F%2BGW%2B6VqCr4PbWJ79nmd1qSDakOZW9CcJZJ6nrct79KkIaf1C7qmvsK8rvUbXFxOMrAR3JeCwyAvnNE8niMYvwPec8zD9kcMSVOKMj9CCE5WA%3D%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: cf_chl_seq_3fce613e910f6fb=;Expires=Thu, 02 Sep 2021 01:31:26 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray: 688b37f4abc9edeb-CDG
vary: Accept-Encoding

GET app-download.html
www.sofi.com/ 0
0

GET
H2 200 Primary Request app-download.html Show response
www.sofi.com/ 41 KB
11 KB 746ms
745ms Document
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/app-download.html

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450354397c0ece97c2d6842a3920399a9f8ebeb1b3e51bd1268d97c00e876e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.sofi.com
:scheme: https
:path: /app-download.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.sofi.com/app-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sofi.com/app-download.html

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
content-type: text/html
last-modified: Mon, 23 Aug 2021 20:32:07 GMT
expires: Fri, 03 Sep 2021 01:41:29 GMT
cache-control: max-age=600 public
x-sofi-wordpress-cache-status: HIT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
access-control-allow-origin: https://sofi.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-sr-trace-id: 42e51a78c90996b1b9f525ef694fbce6
set-cookie: SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; HTTPOnly; Secure __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689; path=/; domain=.sofi.com; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cc00Q3qKFXrZ5W1IglMINHUnYIMn96CdL5RKzJvayuEEOsfZScrdahees%2Fmy6AeLdqR8b33DO4csetPvbmy5h8W7u%2Bip6U9TUYv70Ns29Vo80laPKraErivA6daNQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 688b38025b13edeb-CDG
content-encoding: br

GET
H2 200 14812420277.js Show response
cdn.optimizely.com/js/ 372 KB
98 KB 25ms
6ms Script
text/javascript 2a02:26f0:6c00:2a8::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/14812420277.js

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

28beb050e14f9ad88c22bab7ae5964e1319fbc6fa690a64b8177cb6a5d8af844

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: da3pQSZMfApQrsiG1VnN.QisTIbxxM6n
content-encoding: gzip
etag: "cb65a029017e97a50b797d81d8a8fcdf"
x-amz-request-id: 128ZSVTQ2V09SC6T
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 3257
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a8::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 99609
x-amz-id-2: YRXvHkXNYfcQZemk1PlAb84MZnFv3ehIYgOeX5/xwjFY4Re5YsXQmfgfSEWP0Xh4DkTvdw1tMpA=
last-modified: Thu, 02 Sep 2021 19:07:18 GMT
server: AmazonS3
date: Fri, 03 Sep 2021 01:31:29 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 datadog-rum-us.js Show response
www.datadoghq-browser-agent.com/ 64 KB
21 KB 34ms
10ms Script
application/javascript 13.32.112.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.112.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-112-63.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:21 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:21:10 GMT
server: AmazonS3
age: 34
etag: W/"20e006a0c5730657dae04bb52a46d540"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: z3QHxFWBn1S5P4-0G-j737Jv7lnctKZ8MzsuNsscfkI8M5QvvjsHfg==

GET
H2 503 sofi-logo.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/ 10 KB
10 KB 29ms
29ms Image
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/sofi-logo.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b13b4a1614e6b15a20235ec7bb3cf51cf996f7e165248287f3575ecbb3c51568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/home-page/sofi-logo.svg
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F%2BVs6MEfpilVjxrUByV%2FsMLzKBZyYzEhKtEd1UnOkhK4DF%2FNtY4ofYDH9lRSusWIgJiv%2BjmQO%2FPReeLfx2RVtV1Ma%2Ftew%2BrDNexrjRxef9RivTYp36oadDk0tdcDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
strict-transport-security: max-age=15552000
cf-ray: 688b38076e32edeb-CDG
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 503 app-download-oval.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/ 10 KB
10 KB 30ms
29ms Image
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/app-download-oval.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47dfc6994762e99173524e82c2b542a20a22a5d4bb0e1249674749bb7930f59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/individual/app-download-oval.svg
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDTIvcOSIDt2yW3CHBwU1v8pQDRwW%2FSBLd2x1G%2B3DBjsRnXm7McENkhsmssEJQ5jxVBHK%2BFzXgNmCq%2B%2FO0rQ6DJ%2BETavQFQGZOvocG4433b2AAxWgIvBCswVSH8fmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
strict-transport-security: max-age=15552000
cf-ray: 688b38077e41edeb-CDG
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK app-download-phone2.png
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 115 KB
116 KB 71ms
11ms Image
image/png 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/app-download-phone2.png
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d01731504733769dd4193c64072561f6bcc9bd16a0482203a8cb4290a24206a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 08:27:24 GMT
Via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
Age: 17514245
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 117978
Last-Modified: Fri, 06 Sep 2019 22:44:35 GMT
Server: AmazonS3
ETag: "aca7de8862f785ccf1dbe398d0917330"
x-amz-version-id: HOuA7XXeKIJD1bctq3Bfeqq8hoIGizE7
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/png
X-Amz-Cf-Id: WZWV7V3Byqlwga8pwaIgwh4oaTkojPsGaDr7LlgzuZ8v0MytOY1I4g==
Expires: Sat, 05 Sep 2020 22:44:34 GMT

GET
H/1.1 200
OK AppStoreBadge_136x40%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 10 KB
11 KB 71ms
11ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/AppStoreBadge_136x40%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec4be84528c51c7c0a7fe71c7bc019978880b73e1b524a1f87376e997ea6ee33

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:48:24 GMT
Via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
Age: 1734186
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 10394
Last-Modified: Mon, 15 Apr 2019 17:22:13 GMT
Server: AmazonS3
ETag: "bf9e6ca17e75dbbc66eef2bf770aa086"
x-amz-version-id: jFyi40ZLxv.qOzyk4s5X8mgQt50pycZt
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: e4jJH9W1pP4avUKhh1NPOm3DcQr9ybs6Sd6tXnP9YbsiwAV8bPxfbA==
Expires: Tue, 14 Apr 2020 17:22:12 GMT

GET
H/1.1 200
OK GooglePlayBadge_136x40%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 10 KB
10 KB 70ms
11ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/GooglePlayBadge_136x40%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db4fa78826fe4188ac570d30b1489bba9da09aaeed88978c533ddb3758a18c36

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 05:27:06 GMT
Via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
Age: 72264
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 10059
Last-Modified: Mon, 15 Apr 2019 17:22:00 GMT
Server: AmazonS3
ETag: "04630f3b5bb245a06026221bc0215156"
x-amz-version-id: to0uSdSMpkRbhrxo6MTCeSND5HdFdchQ
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: _mFT65Frlm5g3Z7ZOWD6m06wIYsNh0l9IDTyf9aSJoSIELmkXQhx4w==
Expires: Tue, 14 Apr 2020 17:21:59 GMT

GET
H/1.1 200
OK Growth-Web-QR-Code_QR-code.jpeg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 32 KB
33 KB 72ms
14ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/Growth-Web-QR-Code_QR-code.jpeg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eaa525259deb6266c1a2a4207d90cc9c846390d079861e13dba9fbea26fe03ff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 10:07:43 GMT
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Age: 12324227
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 33063
Last-Modified: Thu, 27 Aug 2020 22:49:54 GMT
Server: AmazonS3
ETag: "23946f381de4a43e013f9d4afec77555"
x-amz-version-id: IJ4Kw4wiP8vH_8SRpjZv_QK8nNtjvP7K
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: jZqe-oWspVz4wEfqUcbiIQW43Kw0XYwLDsK_Bx1SU8Ym427db3lu5w==
Expires: Fri, 27 Aug 2021 22:49:53 GMT

GET
H2 503 icon-stopwatch.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/ 10 KB
10 KB 42ms
40ms Image
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/icon-stopwatch.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88847e522ef9dfda5f1923a92fcf6bd7b0033c729b5aa05c5fbf7fdeb2b9f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/home-page/icon-stopwatch.svg
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689; _dd_s=rum=1&id=67eb3de1-a1be-4cf6-918c-38381c106d38&created=1630632689850&expire=1630633589850
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHi%2FQdrV8z3FMjC0lMMGFnnnqKhu7S2pI4DEzokCiC6k63jiJqLovIvqCJLwfeNhAWiqtBmLFiAhmks6q49%2B1osKCTValdrHwvTSTMZSfHbUmBTUuSgVfAkGIICMjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
strict-transport-security: max-age=15552000
cf-ray: 688b3807be6aedeb-CDG
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 503 icon-easy-qualification.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/ 10 KB
10 KB 42ms
40ms Image
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/icon-easy-qualification.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

859c087bf100bbde423cf929934183850fe36feb7bbb470afea90e7db0f89f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/home-page/icon-easy-qualification.svg
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689; _dd_s=rum=1&id=67eb3de1-a1be-4cf6-918c-38381c106d38&created=1630632689850&expire=1630633589850
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rMYkcLlK%2BdsTT%2B%2FGYpLWPUq1gYwOteJP%2FHsDGOIRl1cmQGQB1vLt0xZ4Lv6E3eVjv0xaDo0PG0a6KSH7WMz90g1t3g0QLVTX%2FJ81XOH%2B%2FVBOGXQ8CG8OJt4UTdQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
strict-transport-security: max-age=15552000
cf-ray: 688b3807be6bedeb-CDG
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 503 handshake.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/ 10 KB
10 KB 30ms
29ms Image
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/handshake.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

185bd5047699f7c070131ae87593e3d604bb8bfe00eab2e09ee5ee54171b4bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/individual/handshake.svg
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689; _dd_s=rum=1&id=67eb3de1-a1be-4cf6-918c-38381c106d38&created=1630632689850&expire=1630633589850
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8fF2N7DEJsd9xxzuHNA10HiVKPNh9zmg0Wa5G8NEhzBk2ZEZn0BMdThMF%2BriQ11wok%2B%2FuJk%2BEEhdkvhI7ViCkSFvHH9MOQ78rLCEB0YG9D%2Fo9OSk%2FDXgQOsSv%2F5wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
strict-transport-security: max-age=15552000
cf-ray: 688b3807be6cedeb-CDG
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 104ms
47ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 22:03:28 GMT
server: cloudflare
etag: W/2021.8.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 688b380809f8637d-FRA

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 446 KB
105 KB 62ms
45ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

388609c9305f93bd9ba1a4cb15986b9e5b94c89bf7c44d177271fae70fa9fdd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107124
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Sep 2021 01:31:29 GMT

GET
H2 503 app-download-bg-tablet.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/ 10 KB
10 KB 36ms
34ms Image
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/app-download-bg-tablet.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309c05dee1836ecaf00d0f572647f090b3d039bdba218c9d512ae33385479a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/individual/app-download-bg-tablet.svg
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689; _dd_s=rum=1&id=67eb3de1-a1be-4cf6-918c-38381c106d38&created=1630632689850&expire=1630633589850
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8miY0JtFH0JoNXYk%2Bidd9JZqKYQVXQbTBXO77RPmUANz2fAHmoinbgks5LexJqihZGLBm1w1oQqkM%2BeBmgZ3xMIDfhz3C1o00l55ozP%2B0viTtFUuBuMVbkNV3tf%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
strict-transport-security: max-age=15552000
cf-ray: 688b3807be72edeb-CDG
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK SLR_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 87 KB
87 KB 62ms
14ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/SLR_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af2966c91e845002ab923ea607a7d02f8aeb87698b9f1099a627a72835add06d

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 23 Jun 2021 18:32:33 GMT
Via: 1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
Age: 6159536
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 88754
Last-Modified: Wed, 10 Apr 2019 17:25:37 GMT
Server: AmazonS3
ETag: "b98120b4108ec2bfa4be3e5583acdd65"
x-amz-version-id: xZcNsOlGjqc7czN9XZ6aY.rX0E2RzHEj
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: nPBANIprW0iCxb_CpAtta6Eu8n_37LKMiiaBt0AWoI5KMXkkSydrow==
Expires: Thu, 09 Apr 2020 17:25:36 GMT

GET
H/1.1 200
OK USL_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 73 KB
74 KB 63ms
14ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/USL_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e264b4b1c2b568b974eb4ee23328522d1a4fa24247736bc6b138f7fbdb3faef4

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 27 May 2021 16:52:41 GMT
Via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
Age: 8498329
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 75149
Last-Modified: Wed, 10 Apr 2019 17:25:27 GMT
Server: AmazonS3
ETag: "d18108ae07303846db0bd29f81980e60"
x-amz-version-id: J81YgJfsZwuvaQr8EA4qwO3s9QbCGfJo
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: dbrb7UG8-fuVBhJ_ucv-uNWrayZqYwLhE4IjA-cibN8eVCG6h_ZBmA==
Expires: Thu, 09 Apr 2020 17:25:26 GMT

GET
H/1.1 200
OK PL_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 68 KB
69 KB 20ms
19ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/PL_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef461c7c1d3972fcb7338c3c42215fd18ae5bf13736b2de69232a93ad25da76d

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 23 Jun 2021 18:32:33 GMT
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Age: 6159537
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 69546
Last-Modified: Wed, 10 Apr 2019 17:25:35 GMT
Server: AmazonS3
ETag: "c458af220b5869f69dfda61268d0c43f"
x-amz-version-id: zondZueZ.X6Kp.y3rKyVOn5OI4Kr_mUY
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: fLWVgtht55DUYxS3QMrsVGlVlLWQz5WktWKSNTY3urlvJmJ2t0rm2w==
Expires: Thu, 09 Apr 2020 17:25:34 GMT

GET
H/1.1 200
OK HL_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 104 KB
104 KB 10ms
8ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/HL_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ab2a342c7d07c83514822dcf164546b7228b874b50f4e5b2722fbe42058da9f

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 05 May 2021 09:19:26 GMT
Via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
Age: 10426324
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 106368
Last-Modified: Wed, 10 Apr 2019 17:25:29 GMT
Server: AmazonS3
ETag: "0203eeace95e567b525e084fb24d7033"
x-amz-version-id: 7IPBM38RyuIyoL64vbdJ5iESURJLS9eU
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: ZKFDR4qd56oKVaCnrGMz8TIzi2t2rcK-GJ4y3ATneOmZfYefBRN0lQ==
Expires: Thu, 09 Apr 2020 17:25:28 GMT

GET
H/1.1 200
OK Invest_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 105 KB
105 KB 18ms
9ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/Invest_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd26f8e52d236e0c762ab5de965b5131e51561ccbd279b19ba5bad0cf229a19a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 05 May 2021 09:19:26 GMT
Via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
Age: 10426324
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 107179
Last-Modified: Wed, 10 Apr 2019 17:25:32 GMT
Server: AmazonS3
ETag: "dd3685846052f01570618595accb26ff"
x-amz-version-id: gGjhqGrtL.ptaBD7PJgH6MOteeW4_kXN
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: 7A0GiPgz8uOSfTYMKvV5uoNBC9JhjRqDXB3ftbk41mVO1JzDpa0z4Q==
Expires: Thu, 09 Apr 2020 17:25:31 GMT

GET
H/1.1 200
OK MemberExperiences_Money_Tile_Desktop%402X.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 48 KB
49 KB 18ms
8ms Image
image/jpeg 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/MemberExperiences_Money_Tile_Desktop%402X.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64f707b22d1f8339a6506450fbb8c745633b98478703368b46823f86d53dcc33

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 05 May 2021 09:19:26 GMT
Via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
Age: 10426324
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 49592
Last-Modified: Thu, 20 Feb 2020 21:33:35 GMT
Server: AmazonS3
ETag: "80183033f098fe9836e9ef4ef248d1b4"
x-amz-version-id: ytSWApAeeqgcBsBpND3hjx_sZL_TCzYS
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: gJVBn0BYElolfu37pekHy7wAFlQLo-thpkvVbTI2XuPmHnIDSry9mA==
Expires: Fri, 19 Feb 2021 21:33:34 GMT

GET
H/1.1 200
OK TTNorms-bold.woff2
d32ijn7u0aqfv4.cloudfront.net/assets/fonts/ 20 KB
21 KB 62ms
15ms Font
binary/octet-stream 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/fonts/TTNorms-bold.woff2
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6292e56b84d52df8bf30d8066cb00c02955c80f2f8b0232ef45bdf9fd5cdc1e

Request headers

Origin: https://www.sofi.com
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 03:53:43 GMT
Via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Vary: Origin
Age: 2065067
X-Cache: Hit from cloudfront
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 20388
Last-Modified: Thu, 29 Apr 2021 21:24:41 GMT
Server: AmazonS3
ETag: "8270a9f410a8e846a7fe9422e3db696c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: FgwCGZURQMB0KrL30NNyoOFOuNpwBCTL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: binary/octet-stream
X-Amz-Cf-Id: LGTIQ6uRP81UZ3cqMioA3qoza_M5jsjKiomBHloe5d--KN3hY3_FCA==

GET
H/1.1 200
OK larsseit_extra_bold.woff2
d32ijn7u0aqfv4.cloudfront.net/assets/fonts/ 37 KB
37 KB 62ms
16ms Font
binary/octet-stream 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/fonts/larsseit_extra_bold.woff2
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73acf9dbdd2a86dfbb64cebff7b5f0fe6182c3e3f5e84b5e857580d5685f475f

Request headers

Origin: https://www.sofi.com
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: xA5hpBfnGKObgQr1MCGLqiFlBozLEa7y
Via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5f.cloudfront.net (CloudFront)
ETag: "9b85cfd6cee46b560a0d1a6c3edfa743"
Age: 35223
X-Cache: Hit from cloudfront
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 37412
Last-Modified: Thu, 29 Apr 2021 21:25:10 GMT
Server: AmazonS3
Date: Thu, 02 Sep 2021 15:44:27 GMT
Vary: Origin
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Access-Control-Max-Age: 3000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: TcfXN6Od5pQlqxqhlXZ3gmqIgzql8j6VbPu1FuwCMHuasknkF-8JhA==

GET
H/1.1 200
OK larsseit-bold.woff2
d32ijn7u0aqfv4.cloudfront.net/assets/fonts/ 38 KB
38 KB 83ms
37ms Font
binary/octet-stream 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/fonts/larsseit-bold.woff2
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5104b1a5bd92dd06a62a537a136104a71f98978b37c594bf6c91f9968849a13

Request headers

Origin: https://www.sofi.com
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: mP0sBMIWNQYxsJ9_oUQpbSLDc54CX9dq
Via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
ETag: "a6bd5a2b8ed00506661a751147ef5d7f"
Age: 144822
X-Cache: Hit from cloudfront
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 38407
Last-Modified: Thu, 29 Apr 2021 21:21:32 GMT
Server: AmazonS3
Date: Wed, 01 Sep 2021 09:17:48 GMT
Vary: Origin
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Access-Control-Max-Age: 3000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: lTkr3vvWCr5Iwapg5Y-ZAyf7Bb6gi6v2s9HXce4CovA2crjw3YsHjg==

GET
H/1.1 200
OK TTNorms.woff2
d32ijn7u0aqfv4.cloudfront.net/assets/fonts/ 20 KB
21 KB 70ms
24ms Font
binary/octet-stream 13.32.118.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/fonts/TTNorms.woff2
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-202.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6820c0bd7e84991223198fb475a2c5163b3f16e490eccfed580435e90380904

Request headers

Origin: https://www.sofi.com
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 12:31:50 GMT
Via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
Vary: Origin
Age: 1429180
X-Cache: Hit from cloudfront
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 20292
Last-Modified: Thu, 29 Apr 2021 21:25:43 GMT
Server: AmazonS3
ETag: "211431d80c2d89ca748b74743a4c102d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: .BuA7OLeZWVUnc3Pip4of8gszLHWonQo
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Type: binary/octet-stream
X-Amz-Cf-Id: VYPRrHQaqE_Bh2bdCw3S6JrlWhw_WqVrR2ks4kOSoIO8jSe0V2haVA==

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
94 B 403ms
196ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1630632690222
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 01:31:30 GMT
content-length: 2
content-type: application/json

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 457ms
110ms Preflight
text/plain 52.72.27.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.72.27.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-27-138.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sofi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.sofi.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Fri, 03 Sep 2021 01:31:30 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
238 B 103ms
103ms XHR
text/plain 52.72.27.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.27.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-27-138.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.sofi.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 03 Sep 2021 01:31:30 GMT
Content-Type: text/plain

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 66ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:29 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 28FD1E27C0034546AC85A49FBE323BF2 Ref B: FRAEDGE1406 Ref C: 2021-09-03T01:31:30Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H3-29

200

activityi;dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=... Show response
6375438.fls.doubleclick.net/ Frame 082D
Redirect Chain

https://6375438.fls.doubleclick.net/activityi;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~ore...
https://6375438.fls.doubleclick.net/activityi;dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi...

2 KB
839 B

81ms
58ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6375438.fls.doubleclick.net/activityi;dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

8283bca862d76a332c2e23e725893ee530cad25de99966e0c76e1cdd3f45cca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6375438.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sofi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkPeC22jGKoj-MasTAJq8kG59Bfca2_1lzgJu-F2_lDzPEb2XFApRLZ74Se
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Sep 2021 01:31:30 GMT
expires: Fri, 03 Sep 2021 01:31:30 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Sep 2021 01:31:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6375438.fls.doubleclick.net/activityi;dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
832 B 147ms
117ms Script
application/javascript 2a02:26f0:6c00:2b9::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b9::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "d281f5ef4add283680ff41edc6dd28c4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 4029effb-2.16.186.166
accept-ranges: bytes
content-length: 584
access-control-expose-headers: X-CDN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 31ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: vlRr3CE1JppG9WShhtmfs9csYVNEdSOYaiB9Uh/k/E2cEzubcaW7rCZJY7QmaKsRjsiWzQbZPnehJt+aYpBVqA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 03 Sep 2021 01:31:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 42ms
10ms Script
text/plain 151.101.13.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 6989
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: 2FBt1fp4algAqYXNlVIiPcJyYlCqdtCpDiA+cErOdKnK4chQBkP3D21UpwPlgNpa+QIn7ZW1oJk=
x-served-by: cache-bwi5135-BWI, cache-fra19176-FRA
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1630632690.395838,VS0,VE0
date: Fri, 03 Sep 2021 01:31:30 GMT
vary: Accept-Encoding
x-amz-request-id: 76JFX466EMMCZ7NK
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 3, 181

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 22 KB
7 KB 39ms
9ms Script
application/javascript 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:30 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Jul 2021 17:50:00 GMT
server: snooserv
etag: "912f60c72fda50b2f21068c65115175d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7018

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 44ms
19ms Script
text/javascript 18.66.97.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 21:28:14 GMT
server: AmazonS3
age: 12
etag: "494b4c270c41c5456742136e682b1007"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Fri, 03 Sep 2021 01:31:19 GMT
x-amz-cf-pop: FRA56-P2
content-length: 23861
x-amz-cf-id: ZL2STqG-rbH0t0DgaUYybVb-hEhTA-VsXbbGVhvfKyxw4K03GwqZuQ==

GET
H2 200 1.js Show response
tlxgvxfc.micpn.com/p/js/ 42 KB
15 KB 85ms
29ms Script
text/javascript 13.32.121.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tlxgvxfc.micpn.com/p/js/1.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-50.fra60.r.cloudfront.net
Software: /
Resource Hash: 4ca96fce30a4c081ee7216b8305dfdbde550daf1a2dde8ebe5931675bc3b80a2

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:30:39 GMT
content-encoding: gzip
age: 51
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control: no-cache max-age=0
x-amz-cf-pop: FRA60-P1
timing-allow-origin: https://www.sofi.com
x-amz-cf-id: iHroYDuCCTHvPGjKsMPnZ2obhYzP9Z8KZkYlQWI5FFmHYKv1WoDxbw==
x-uuid: 7c5b2311-d2f1-4fde-8b2d-a397e4c16b48
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 54ms
3ms Script
application/javascript 2600:9000:223c:1800:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1800:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 17:53:01 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
age: 27521
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 747
x-amz-cf-id: AmMefnQGfgg8tsowztXDUr69P6zIYr73vEsp0eGizaEcS5j4vAIdjA==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 115ms
26ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.13.10
ETag: "60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 3340
Expires: Sat, 04 Sep 2021 01:31:32 GMT

GET
H/1.1 200
OK wxyz.rb.js Show response
rbx.sofi.com/assets/ 44 KB
10 KB 344ms
110ms Script
application/javascript 159.203.152.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbx.sofi.com/assets/wxyz.rb.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.45 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 41ce98b6a5242e847585b14cb284048a261b34a13405fa99901c7a88a1b9438a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:30 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 events.js Show response
contentdsp.com/ 13 KB
5 KB 331ms
103ms Script
text/javascript 54.175.65.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://contentdsp.com/events.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.65.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-65-195.compute-1.amazonaws.com
Software: /
Resource Hash: 44a8a164121b2408e45b5ab1b7b7f3195e70fad2f842265c8c58bfb25987411f

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 01:31:30 GMT
cache-control: max-age=30
content-encoding: gzip
content-type: text/javascript

GET
H2 200 tg.js Show response
tgtag.io/ 65 KB
21 KB 77ms
24ms Script
application/javascript 34.120.230.83
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tgtag.io/tg.js?pid=tg-g-002155-001
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.230.83 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 83.230.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3006c9fd6d5b0c3339a8a7b2daee6a42c1cd00898ed9529f95dd7b673aa6d011

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 20:56:10 GMT
content-encoding: gzip
age: 16520
x-guploader-uploadid: ADPycdtVu7nvXdhCrXWUgPfjIEdcIker69lZjRRAymbQiZ88SpE9HqyMxln8RMocsKmQWWjIZnPM2AkrKyOnHh4AWeY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 20547
last-modified: Wed, 25 Aug 2021 11:13:15 GMT
server: UploadServer
etag: "ca101e90a0c9d7f118282a4c0e8ebb6b"
x-goog-hash: crc32c=oualaA==, md5=yhAekKDJ1/EYKCpMDo67aw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1629889995805298
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, no-transform, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 20547
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 03 Sep 2021 20:56:10 GMT

GET
H2 451 710883.html Show response
di.rlcdn.com/ Frame 9393 0
66 B 65ms
28ms Document
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://di.rlcdn.com/710883.html
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: di.rlcdn.com
:scheme: https
:path: /710883.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sofi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sofi.com/

Response headers

date: Fri, 03 Sep 2021 01:31:30 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 53ms
26ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 03 Sep 2021 01:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 620
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: so2tNHSYE+NAHuBXkEQknCFOj1k0b0/26U3iO6Md740X6LnHT5SOh6QtkWfk7GUtw0OKD/dsKIg=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5SJRKB9K95FY6JWK
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK tv2track.js Show response
collector-11685.tvsquared.com/ 20 KB
9 KB 507ms
114ms Script
application/javascript 18.219.93.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-11685.tvsquared.com/tv2track.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.93.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-93-205.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Jul 2021 14:21:37 GMT
Server: nginx
ETag: "60df20f1-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Fri, 03 Sep 2021 01:41:30 GMT

GET
H2 503 refer
www.sofi.com/measure/pixel/ 10 KB
10 KB 50ms
32ms Image
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/measure/pixel/refer?referrer=https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8821c36a87d3422ac25baca6844d6feb258cf0f12c8f992df2b60ecb58a5b93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /measure/pixel/refer?referrer=https://www.sofi.com/app-download.html
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689; _dd_s=rum=1&id=67eb3de1-a1be-4cf6-918c-38381c106d38&created=1630632689850&expire=1630633589850; _gcl_au=1.1.651778324.1630632690; mjs-sid=1630632690295
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:30 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQeCg5%2FB9VDWpsfTjfvtBWXlqKZ6QhX%2FQyvuAGMgDNtPp4YGANPUK5i3o7fskd28gVnRB8RFP9dtHl%2BaVwi3UYjy1YqB0yDSOkgciFGS6oRBYyYamQSkLMDeRXgIMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
strict-transport-security: max-age=15552000
cf-ray: 688b380b5898edeb-CDG
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 503 uievent
www.sofi.com/measure/pixel/ 11 KB
11 KB 47ms
31ms Image
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/measure/pixel/uievent?sessionId=1630632690295&pageviewUUID=e3896627-43a3-492d-906a-f11f9c9e40be&screenWidth=1600&screenHeight=1200&windowWidth=1600&windowHeight=1200&pageHost=www.sofi.com&pagePath=/app-download.html&filteredPath=/app-download.html/&partyId=&targetId=&targetType=&latitude=&longitude=&appVersion=&queryString=&eventName=&eventType=mjs-pageview&action=&value=&mjsVersion=3.5.1&eventEpochTime=1630632690293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c973307ab133dd6d5c0f99c28b806f6d2d35c0a0d1e421e4bc29d41a860b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /measure/pixel/uievent?sessionId=1630632690295&pageviewUUID=e3896627-43a3-492d-906a-f11f9c9e40be&screenWidth=1600&screenHeight=1200&windowWidth=1600&windowHeight=1200&pageHost=www.sofi.com&pagePath=/app-download.html&filteredPath=/app-download.html/&partyId=&targetId=&targetType=&latitude=&longitude=&appVersion=&queryString=&eventName=&eventType=mjs-pageview&action=&value=&mjsVersion=3.5.1&eventEpochTime=1630632690293
pragma: no-cache
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689; _dd_s=rum=1&id=67eb3de1-a1be-4cf6-918c-38381c106d38&created=1630632689850&expire=1630633589850; _gcl_au=1.1.651778324.1630632690; mjs-sid=1630632690295
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:30 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FShc3PdfcLnz1AmxvSDjkLmFMnmaYLgnAfu7cmpBEldAxuYd9wjOWidWk%2BBq%2BhEb65AqCBhL1fdBhoyB4HNERAIlz5Pgt6gZoD2DFChjwAAzErb2MaWASq%2BoADfpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
strict-transport-security: max-age=15552000
cf-ray: 688b380b5899edeb-CDG
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29 200 activityi;register_conversion=1;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%...
6375438.fls.doubleclick.net/ 0
0 48ms
36ms Image
text/html 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6375438.fls.doubleclick.net/activityi;register_conversion=1;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
962 B 145ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001983556279&.yp=428757&gtmcb=1721498234

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:30 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 03 Sep 2021 01:31:30 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
962 B 226ms
144ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001983556279&.yp=427891&gtmcb=1874448098

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:30 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 03 Sep 2021 01:31:30 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
962 B 118ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001983556279&.yp=428763&gtmcb=78497819

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:30 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 03 Sep 2021 01:31:30 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 36ms
31ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 7151
date: Thu, 02 Sep 2021 23:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 03 Sep 2021 01:32:19 GMT

POST
H2 200 rum Show response
www.sofi.com/cdn-cgi/ 0
206 B 25ms
25ms XHR
text/plain 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/cdn-cgi/rum?

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.sofi.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __cf_bm=WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=; cf_chl_rc_ni=1; cf_chl_prog=a10; SOFI_WEB_USER_ID=Cv5CBGExevGlFAAak8N9Ag==; __cfruid=34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689; _dd_s=rum=1&id=67eb3de1-a1be-4cf6-918c-38381c106d38&created=1630632689850&expire=1630633589850; _gcl_au=1.1.651778324.1630632690; mjs-sid=1630632690295
content-length: 7651
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 03 Sep 2021 01:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 688b380bc8d7edeb-CDG
vary: Origin

GET
H3-29 200 1460194797568320 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1460194797568320?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd746d12bcd3161bf23d7acbcbb49aeea5f283cad8611ae4e04e30e5e6e7b1c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10755
x-xss-protection: 0
pragma: public
x-fb-debug: Ny126G+A+Iut/EynjPjqMOqsZU1G79Ky+f4T9y+tnBrvgrRIm7TfWig1NEm1qEnkw3fMLt55K5BkYMAUdOKkeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 03 Sep 2021 01:31:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 164ms
112ms Image
image/gif 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1630632690586&id=t2_2c7jq6xc&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=4ecaa680-42fd-4a5f-bbb1-a425afec50d9&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:30 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/55b106ccc5dc4e798eae9ce732b5c92e/ 43 B
420 B 414ms
112ms Image
image/gif 3.224.194.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/55b106ccc5dc4e798eae9ce732b5c92e/pixel?j=1&u=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&tag=ViewContent&ts=1630632690593

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.194.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-194-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,f5a8ec47f963b6f2f865812227aad1d2,10.0.0.64,27970,89.249.64.171,,112980421593,1,1630632690.949,0.002,,.,0,0,0.000,0.000,-,0,0,203,80,40,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 _r Show response
app.link/ 90 B
562 B 189ms
161ms Script
text/javascript 2600:9000:2240:1400:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_dhquKJwnbvSjI23qTDPX6icmqri4sNI7&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

6d08a356f0873504886459219680ead9b83a62e4352c1fb3eb2a4e0ea83ebeed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:30 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA60-P1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-nBh2s/O6x4L97+D3GFqCjhhMYHk"
x-amz-cf-id: 8Zos1CMBtsqjquNm4iB79VWBZ9uT_IriqCKauXxHAp_m4fqJAnGbkA==

GET
H2 200 10147941.json Show response
s.yimg.com/wi/config/ 2 B
457 B 30ms
14ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10147941.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:18:02 GMT
x-content-type-options: nosniff
age: 808
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: WVRK2HF5J762CAYR
x-amz-id-2: ULZiXYcYuKtfC4kFvPfs3aocsiRN2xTDB6S987CwkuMGe+oOJaX3B9GjSZ2aaU9ZIoIMgFoiP3w=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 28ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=1319656199&gjid=937474886&_gid=423932040.1630632691&_u=YGBAgEABAAAAAE~&z=1652777527

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Sep 2021 01:31:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1516073167&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=25%25&el=%2Fapp-download.html&_u=YGDAAEABAAAAAG~&jid=1793911589&gjid=203097848&cid=619720218.1630632691&tid=UA-56752751-1&_gid=423932040.1630632691&_r=1&gtm=2wg910WLSZML&z=1592364647

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 16ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1516073167&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fapp-download.html&el=25%25&_u=YGDAAEABAAAAAG~&jid=61657870&gjid=1062717781&cid=619720218.1630632691&tid=UA-56752751-10&_gid=423932040.1630632691&_r=1&gtm=2wg910WLSZML&cd3=2021-09-03T03%3A31%3A30.553%2B02%3A00&cd9=WEB&cd1=619720218.1630632691&z=726983558

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=61657870&gjid=1062717781&_gid=423932040.1630632691&_u=YGDAAEABAAAAAG~&z=618958573

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Sep 2021 01:31:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1516073167&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1319656199&gjid=937474886&cid=619720218.1630632691&tid=UA-56752751-10&_gid=423932040.1630632691&gtm=2wg910WLSZML&cd3=2021-09-03T03%3A31%3A30.444%2B02%3A00&cd8=e3896627-43a3-492d-906a-f11f9c9e40be&cd9=WEB&cd1=619720218.1630632691&z=453846041

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 15:14:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37003
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1516073167&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=50%25&el=%2Fapp-download.html&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=619720218.1630632691&tid=UA-56752751-1&_gid=423932040.1630632691&gtm=2wg910WLSZML&z=58673171

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 15:14:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37003
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1516073167&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fapp-download.html&el=50%25&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=619720218.1630632691&tid=UA-56752751-10&_gid=423932040.1630632691&gtm=2wg910WLSZML&cd3=2021-09-03T03%3A31%3A30.555%2B02%3A00&cd9=WEB&cd1=619720218.1630632691&z=172157947

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 15:14:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37003
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.89cd5bf4.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 114ms
114ms Script
application/javascript 2a02:26f0:6c00:2b9::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b9::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "6deee3ea7ecc4a5d9687c1bd57018c16"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 4029f236-2.16.186.166
accept-ranges: bytes
content-length: 17418
access-control-expose-headers: X-CDN

GET
H2 204 5296050.js Show response
bat.bing.com/p/action/ 0
110 B 210ms
210ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5296050.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 01:31:30 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 176F32DCFB8D42CA84988C35CAC366FD Ref B: FRAEDGE1406 Ref C: 2021-09-03T01:31:30Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
172 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5296050&tm=gtm002&Ver=2&mid=26695b04-8c2f-4a3d-b819-ed71f46fcf82&sid=aa894a200c5611ecaeb8856a0dd36556&vid=aa89fef00c5611ecb17427015eaeaeda&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=SoFi%20App%20Download&p=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&r=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&lt=1252&evt=pageLoad&msclkid=N&sv=1&rn=8568
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 03 Sep 2021 01:31:30 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 5F75699DA27C4BF5A23B6959E5D26F2E Ref B: FRAEDGE1406 Ref C: 2021-09-03T01:31:30Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
335 B 71ms
11ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=0e376ffe-59b2-4c91-8a47-32d3269918f9&it=1630632690956&v=0.0.20&u=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&r=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&st=1630632690956&et=1630632690957&if=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/704f7088dcd95042947a0264fb79cec3/ 3 MB
1 MB 67ms
7ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/704f7088dcd95042947a0264fb79cec3/mparticle.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: d3c28db52bf39a12d1f7b539743a4aee4412b292fdc6ed3978c141fa1ba1a2b9

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 2443
x-origin-name: fastlyshield--shield_ssl_cache_dca17756_DCA
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 1271190
x-served-by: cache-dca17756-DCA, cache-fra19161-FRA
server: Kestrel
x-timer: S1630632691.033922,VS0,VE2
vary: Accept, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 03 Sep 2021 01:50:47 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=1319656199&_u=YGBAgEABAAAAAE~&z=447983007

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=1319656199&_u=YGBAgEABAAAAAE~&z=447983007

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-56752751-1&cid=619720218.1630632691&jid=1793911589&gjid=203097848&_gid=423932040.1630632691&_u=YGDAAEABAAAAAG~&z=316594152

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Sep 2021 01:31:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=61657870&gjid=1062717781&_gid=423932040.1630632691&_u=YGDAAEABAAAAAG~&z=353935700

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Sep 2021 01:31:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 199ms
199ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1630632690992
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 01:31:31 GMT
content-length: 2
content-type: application/json

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=61657870&_u=YGDAAEABAAAAAG~&z=320141281

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
26ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=61657870&_u=YGDAAEABAAAAAG~&z=320141281

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=*;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2F...
adservice.google.com/ddm/fls/z/ Frame 082D 42 B
515 B 68ms
18ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=*;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html

Requested by

Host: 6375438.fls.doubleclick.net
URL: https://6375438.fls.doubleclick.net/activityi;dc_pre=CPmclJLU4fICFVIA4AodHDkH3g;src=6375438;type=brand0;cat=unive0;ord=9387892431102;gtm=2wg910;auiddc=651778324.1630632690;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6375438.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set iu3 Show response
s.amazon-adsystem.com/ Frame C746
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%...

602 B
1 KB

124ms
123ms

Document
text/html

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=914119576978372700&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

919ece20744b338e82d7decdb3877fbeff33f7b9b304a2e4cced3e710ebddec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://6375438.fls.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A6cRE-shlUkdgo9OWpEpDdk|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://6375438.fls.doubleclick.net/

Response headers

Server: Server
Date: Fri, 03 Sep 2021 01:31:31 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 602
Connection: keep-alive
x-amz-rid: TJTF40622EWPV0BKX6KH
Set-Cookie: ad-id=A6cRE-shlUkdgo9OWpEpDdk; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 01:31:31 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 01:31:31 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Fri, 03 Sep 2021 01:31:31 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: D35BAYFHDV7B5SB3D4QF
Set-Cookie: ad-id=A6cRE-shlUkdgo9OWpEpDdk|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 01:31:31 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=914119576978372700&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H3-29 200 2413621935583288 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2413621935583288?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1dc2358094b3f58826a941f76860864973aa1f746b909c30f6ec7f804b77ae5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10747
x-xss-protection: 0
pragma: public
x-fb-debug: 4vPJ+5dg6PL3Uy7UTnj2DhLG3xjBX8pbWI6bbJAQhIiErL75KQ2DMQI7/36XGKQUsiUSLDyue6QoayaqEdRthw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 03 Sep 2021 01:31:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 28ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1460194797568320&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632691061&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=28&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&tm=1&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 03 Sep 2021 01:31:31 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 82 B
309 B 409ms
101ms Stylesheet
text/css 52.202.228.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: contentdsp.com
URL: https://contentdsp.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.228.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-228-151.compute-1.amazonaws.com
Software: /
Resource Hash: 9494210c7ca5e3f5f8c84287ea5101ba95637822d04c04806899a7f738fc7215

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Sep 2021 01:31:31 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 82
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 651 B
881 B 428ms
105ms Fetch
image/jpeg 52.202.228.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.228.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-228-151.compute-1.amazonaws.com
Software: /
Resource Hash: e47e3d98742eee3067dec14a963d6699f85f186695fd560b2e7fb2045b551b16

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Sep 2021 01:31:31 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H/1.1 200
OK integrations Show response
rbx.sofi.com/ 42 B
246 B 101ms
100ms Script
text/javascript 159.203.152.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbx.sofi.com/integrations?source=sofi
Requested by: Host: rbx.sofi.com
URL: https://rbx.sofi.com/assets/wxyz.rb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.45 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:31 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 jpuid Show response
getrockerbox.com/ 67 B
707 B 404ms
348ms Script
text/javascript 104.21.83.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: rbx.sofi.com
URL: https://rbx.sofi.com/assets/wxyz.rb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.83.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f08f3eba33d1827c8b4235d7f5fdd76a219800a90b6ab2bd9af8ad517e347b64

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyQvm2%2BJiU5ezub5oG9Cwxq1x4GzWMgSMbWLdckJM9VYkIJVkojia0oXQsvYy2gnnYdQPR4uJKK3xf3ypLsQowlVDbkRZEVwm%2BDfnAffYVmnrceB5Mr91VmSJ1kG8Bw5cogU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 688b380fac42cda7-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 open Show response
api2.branch.io/v1/ 266 B
579 B 194ms
164ms XHR
application/json 2600:9000:223c:2a00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 46db4b2d6342d0ab48c687ffcbdcc09445907f57a22db5709252d9e615785878

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd25.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 227eb62897b84ab59f4b1707f1291a03-2021090301
content-length: 266
x-amz-cf-id: 8fnwJqfDIsFeLJAyy4E9qLMbl1uBxEHAT78iP-AIu0maxCmk_zD17Q==

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 22ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-1&cid=619720218.1630632691&jid=1793911589&_u=YGDAAEABAAAAAG~&z=373549073

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 22ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-1&cid=619720218.1630632691&jid=1793911589&_u=YGDAAEABAAAAAG~&z=373549073

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=61657870&_u=YGDAAEABAAAAAG~&z=1197719002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
17ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=619720218.1630632691&jid=61657870&_u=YGDAAEABAAAAAG~&z=1197719002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-11685.tvsquared.com/ 42 B
276 B 121ms
114ms Image
image/gif 18.219.93.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-11685.tvsquared.com/tv2track.php?action_name=SoFi%20App%20Download&idsite=TV-8181361845-1&rec=1&r=038902&h=3&m=31&s=31&url=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&urlref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&_id=f7fd6cacfed30cf2&_idts=1630632691&_idvc=0&_idn=1&_viewts=&cookie=1&res=1600x1200&gt_ms=748
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.93.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-93-205.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:31 GMT
Server: nginx
Connection: keep-alive
Request-Id: 6a3fc4c3-30d3-46ef-89fa-e112ab5f4ae0
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 142ms
141ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1630632691153
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 01:31:31 GMT
content-length: 2
content-type: application/json

GET
H2 200 / Show response
ct.pinterest.com/user/ 466 B
715 B 130ms
60ms XHR
application/json 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615220189149&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1630632691182
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ec8b38af934a1224ef77262e812fe959b695673382791dfe6a8915923f5437eb

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sofi.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPVpqQmlaR1ZrTmpndFpURmpNaTAwTWpRMUxXRm1NR0l0TlRsaU5HVTJZamsyWmpjNA
x-pinterest-rid: 1061801516285871
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
content-length: 338
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 123ms
60ms Image
image/gif 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615220189149&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sofi.com%2Fapp-download.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.sofi.com%2Fapp-download.html%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1630632691190
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1805511308740860
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 299722910906023 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/299722910906023?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42698a7843c52f42c72b149808548338c190f24416742f4b6aae0f720c2e551b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89586
x-xss-protection: 0
pragma: public
x-fb-debug: cF15aT+bJjazjeiG+DSw70pYsPAg/k9GM8qqEjFZ6bo39lpb7/WbUWWrfsuMB/4js0wLUKeA4G+yioRGEfKhMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 03 Sep 2021 01:31:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2413621935583288&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632691198&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=28&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&tm=1&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:31 GMT

POST
H2 200 event Show response
api.trafficguard.ai/api/v3/client-side/validate/ 61 B
724 B 150ms
120ms XHR
application/json 34.120.121.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trafficguard.ai/api/v3/client-side/validate/event

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.121.20 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

20.121.120.34.bc.googleusercontent.com

Software

Resource Hash

18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: W/"3d-+VrgqwIBqu+GaYyaxm1oD9TgRqA"
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sofi.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 61
x-xss-protection: 0

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
388 B 184ms
184ms XHR
application/json 2600:9000:223c:2a00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd25.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 87e8b10291dc4a608cc4f9f2398b8c24-2021090301
content-length: 28
x-amz-cf-id: Qfxi1GE-HtQVNcMYYIYyERGFnD5jTzdDZB5Fzhg4nqaxQWxoVq0XuQ==

GET
H3-29 200 177860490133838 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/177860490133838?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5fa0f07620dd513fee4c7b6c6eb238a0adf3ef54a07382cc9686484441a14d76

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89223
x-xss-protection: 0
pragma: public
x-fb-debug: TPazFlNhDLsTl98+LZRLqUdgv5xPRSjOTzGG+nuf/oBXXqZToHuTcYUhm49W78CkJ9/bMudTuQfNNwLnlxebZQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 03 Sep 2021 01:31:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299722910906023&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632691312&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&tm=1&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:31 GMT

OPTIONS
H2 200 /
sdk.iad-03.braze.com/api/v3/data/ Frame 0
0 409ms
390ms Preflight 151.101.13.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Protocol

Server

151.101.13.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Origin: https://www.sofi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Sep 2021 01:31:31 GMT
via: 1.1 varnish
x-served-by: cache-fra19130-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1630632691.463731,VS0,VE379
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 204 identify
analytics.sofi.com/mp/web/v1/ Frame 0
0 841ms
787ms Preflight 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.sofi.com/mp/web/v1/identify

Protocol

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://www.sofi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 03 Sep 2021 01:31:32 GMT
accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
age: 2730
strict-transport-security: max-age=15552000
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1315
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-sea4436-SEA
x-timer: S1630632692.181356,VS0,VE0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.sofi.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-sr-trace-id: 0588233ee54f9f78c3fef833fff80008
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcf4jhmgkDZKZNEriV%2BH8VAbaqjiA1AwaY0KddZERE8otsjiZAu8M61rLQwAbUVWoAv3etWluDI2eRRtLKioXqIxysI3qRyOAZtJwgB6ugEVeUbfnMWOj6tn8rTG4ThJfLcbow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 688b381209173318-CDG

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
1 KB 41ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/704f7088dcd95042947a0264fb79cec3/mparticle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7180
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: MWFFP00J4FN56JFH
x-amz-id-2: 5/bOKr313dKi97KTRRannnbDKb5WWOZXzqOg4bws+qaziPjRH+6pNsddmlQ6sG5z8q6p2P5PBcA=
last-modified: Wed, 30 Jun 2021 21:14:33 GMT
server: cloudflare
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sw%2BahKKSIokcUqSi5zLGip7GTtdWa3xGNWhnnkt0tnlDjUXVpnOABcffIEEO6TVvf%2F5d4Nmmw2I2SJApizf2z%2BSsQZLN7xNQRPmt%2BORvY0tm%2FiMjlAxs3mFJ2epDLynIc6Ji4SuW67XT1y5t8o%2B1DJLa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 688b381189de4aaf-FRA

POST
H2 201 / Show response
sdk.iad-03.braze.com/api/v3/data/ 2 KB
960 B 207ms
207ms XHR
application/json 151.101.13.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1d6ea7d89ab35723423129c2ea72b7d3e743aac868992950db5f231e0cbed451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
X-Braze-Api-Key: 55c370dd-bb3f-475c-8a54-50403ffea8cc
X-Braze-TriggersRequest: true
X-Requested-With: XMLHttpRequest
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 03 Sep 2021 01:31:32 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: e871cfa6-0b04-49d0-b23a-f3ba5c023b2a
x-served-by: cache-fra19130-FRA
x-runtime: 0.105204
server: nginx
x-timer: S1630632692.854467,VS0,VE200
etag: W/"1d6ea7d89ab35723423129c2ea72b7d3"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

POST identify
analytics.sofi.com/mp/web/v1/ 0
0

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
198 B 124ms
62ms XHR
text/plain 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 5132088896297653
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 22ms
12ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer: https://use.fontawesome.com/7f85a56ba4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5030648
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BVYNR017DZMX3ZD5
x-amz-id-2: QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsXgpk1BdDqPt8xg63QU9zoYbJ%2BgDCXaHJcJ7t3cNW0PcGIne28TJFdw%2FVRQkR1IeCDa1uaePG7iF9r8UeotZW4GcO7Nv9PsKm7RT9JMbnsHe68XdE7BHh6KYiW1u2CH5M7xaT5t%2F0Dj3Ny%2BTVOPHMaJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 688b38121e6242db-FRA

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 104ms
103ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1630632691534
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 01:31:31 GMT
content-length: 2
content-type: application/json

GET
H3-29 200 3030946783633619 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3030946783633619?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

648ee60728169cb970f83890be6b4db404afdb11a87af309bd5eedb048f02b7d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89223
x-xss-protection: 0
pragma: public
x-fb-debug: jDi56b1Uz9lfwDJ8/hFdXF+B8hBmnv6mHVW4M9GUxfi9Gu0teSOVUE1QDf4uP7y/grfVdkFPWqJdbyDvAbwk9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 03 Sep 2021 01:31:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1460194797568320&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632691549&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=28&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:31 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 11ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2413621935583288&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632691551&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=28&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:31 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 11ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299722910906023&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632691555&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:31 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 11ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177860490133838&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632691557&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:31 GMT

POST
H2 200 custom Show response
api2.branch.io/v2/event/ 2 B
315 B 161ms
160ms XHR
application/json 2600:9000:223c:2a00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v2/event/custom
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
x-branch-event-extra: {}
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-branch-request-id: 2a19e199d9094abeb6c3f1bc3f159f10-2021090301
content-length: 2
via: 1.1 3a3c1dcacd115187f53f40028ae4bd25.cloudfront.net (CloudFront)
x-amz-cf-id: cv7P62nEBlB0HeHIq8P-P_Fgiu_lqeY5IuoBvmCg2UFPAtmRfRBTZg==

GET
H/1.1 200
OK rb
rbx.sofi.com/v2/ 44 B
332 B 105ms
100ms Image
image/gif 159.203.152.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbx.sofi.com/v2/rb?pageReferrer=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&url=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&action=view&source=sofi&rb_source=sofi&script_version=wxyz.rb.js&sessionId=6befcc2a-2d5a-422d-b8d8-48ae804be0ad&uid=rbos-522acd4f-30a2-4eb1-a014-b80164ef2603
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.45 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:31 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK rb
rbx.sofi.com/v2/ 44 B
332 B 201ms
95ms Image
image/gif 159.203.152.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbx.sofi.com/v2/rb?pageReferrer=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&url=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&action=identify&source=sofi&rb_source=sofi&branch_id=962150120480773258&branch_browser_id=OTYyMTUwMTE4NTIyMjQxODI5&script_version=wxyz.rb.js&sessionId=6befcc2a-2d5a-422d-b8d8-48ae804be0ad&uid=rbos-522acd4f-30a2-4eb1-a014-b80164ef2603
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.45 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:31 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 422B 5 KB
6 KB 105ms
105ms Document
text/html 209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=914119576978372700&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

59ea265668b52f14ef84136d436948e3e6e2cf28ffbc7d9ae0c5305940c1f271

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=914119576978372700&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A6cRE-shlUkdgo9OWpEpDdk; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=914119576978372700&dcc=t

Response headers

Server: Server
Date: Fri, 03 Sep 2021 01:31:31 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 5343
Connection: keep-alive
x-amz-rid: EEGWZQTVCQ4CQGHJAWW0
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
796 B 101ms
100ms XHR
text/plain 52.202.228.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=wbmz7OzVdviwBCfzIzP8YA&is_js=true&landing_url=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&t=SoFi%20App%20Download&host=https://www.sofi.com
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.228.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-228-151.compute-1.amazonaws.com
Software: /
Resource Hash: f3b150c26e10920013bb7c75dd987ee91b4113bd631b0468cbff8c6f8bf4ea62

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 01:31:31 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.sofi.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3030946783633619&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632691615&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:31 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=5PHGvQ99999q2EaC

43 B
556 B

256ms
135ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=5PHGvQ99999q2EaC

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8K2M0HTJ9JW6JZKRTERM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=5PHGvQ99999q2EaC
Date: Fri, 03 Sep 2021 01:31:31 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 1e1d
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=164881003898000006364&ex=neustar.biz

43 B
556 B

208ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=164881003898000006364&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CVF613SA692GTEEZVSQ7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:31 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=164881003898000006364&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5774301286
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5774301286
https://sync.1rx.io/usersync/tradedesk/bc8ee7db-f853-4ff1-a902-3c9df281e17e
https://sync.targeting.unrulymedia.com/csync/RX-f5ff8707-3c0c-451e-ab6a-e411832e1c1f-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-f5ff8707-3c0c-451e-ab6a-e411832e1c1f-003%26ex%3Dr...
https://s.amazon-adsystem.com/ecm3?id=RX-f5ff8707-3c0c-451e-ab6a-e411832e1c1f-003&ex=rhythmone.com

43 B
556 B

110ms
109ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=RX-f5ff8707-3c0c-451e-ab6a-e411832e1c1f-003&ex=rhythmone.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 77Z527Y73YDJNJ849PHN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=RX-f5ff8707-3c0c-451e-ab6a-e411832e1c1f-003&ex=rhythmone.com
date: Fri, 03 Sep 2021 01:31:33 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf5ff87073c0c451eab6ae411832e1c1f003
content-type: text/html

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=0d3126e141e7ab166892e83146a9da11

43 B
556 B

106ms
106ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=0d3126e141e7ab166892e83146a9da11

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6PPQBZ12Q9J63T51VJHE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=0d3126e141e7ab166892e83146a9da11
date: Fri, 03 Sep 2021 01:31:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=UMJ31Q99999q2EaC

43 B
556 B

234ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=UMJ31Q99999q2EaC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RQZCKPH5S51W62KV9K1X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=UMJ31Q99999q2EaC
Date: Fri, 03 Sep 2021 01:31:31 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 44ff
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPab05d729-0c56-11ec-9d7d-02eadc0512aa
https://s.amazon-adsystem.com/ecm3?id=b4114a5712198578f7d859d2548503278a4fd425&ex=aoldisplay.com

43 B
556 B

273ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=b4114a5712198578f7d859d2548503278a4fd425&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8Q6X9Y1SFKPBWBSV1FHW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Sep 2021 01:31:31 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?id=b4114a5712198578f7d859d2548503278a4fd425&ex=aoldisplay.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=04cfa1c9-8617-4440-9870-87461c323f7e

43 B
556 B

296ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=04cfa1c9-8617-4440-9870-87461c323f7e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: M040NM14TY1M74CVTZ3G
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Fri, 03 Sep 2021 01:31:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=04cfa1c9-8617-4440-9870-87461c323f7e

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 422B 43 B
183 B 294ms
94ms Image
image/gif 2600:1f18:612b:4232:542e:84b1:1361:c28e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:542e:84b1:1361:c28e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 422B 0
0 107ms
33ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame 422B 731 B
731 B 41ms
16ms Image
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 688b38136dbc4abd-FRA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=be28bd1d3a214546e7029d58f9eb1c&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

276ms
107ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=be28bd1d3a214546e7029d58f9eb1c&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BTTWKM25MFFFAZYH8XV2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:31 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=be28bd1d3a214546e7029d58f9eb1c&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1630632690875085-383
Expires: Fri, 03 Sep 2021 01:31:31 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

251ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EZ905V2A56AY68J3DZR7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 03 Sep 2021 01:31:31 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
content-security-policy-report-only: default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=SCYWZ6HRJX7MTEXNRDZ8:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: SCYWZ6HRJX7MTEXNRDZ8
strict-transport-security: max-age=47474747; includeSubDomains; preload
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-amz-cf-id: m--kwXDDNhmu1_k1asL-2lL2U1C70BMAoKzsfiGqgBFnhEjfbLgndA==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 422B 0
263 B 420ms
105ms Image
text/plain 3.94.65.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.65.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-65-142.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e178bb18b11233ec

43 B
556 B

113ms
112ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e178bb18b11233ec

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1XHZVQMGZTVBD9FHQ37D
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e178bb18b11233ec
date: Fri, 03 Sep 2021 01:31:32 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=bsniHK9SRsSsM7PZHRWCjw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=bsniHK9SRsSsM7PZHRWCjw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91282974461822426520882031666911645302

43 B
556 B

110ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91282974461822426520882031666911645302

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FWV5ZZXM3B4VNVV80RCR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v015-0daa04ce6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 1NJkeSfmTiY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91282974461822426520882031666911645302
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=x-f9XwDRQmKRX3T8u_-2zg
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10821164742302747447&gdpr=&gdpr_consent=

43 B
556 B

110ms
110ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10821164742302747447&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4ZJ0JP11Y5F4YRD6ZA1Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:32 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10821164742302747447&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 422B 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=9031033078855513488

43 B
556 B

111ms
111ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=9031033078855513488

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MF2SGGRK1NQQ60QXY6G3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:32 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=9031033078855513488
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=ab455ab2-0c56-11ec-b8de-10d4c6b20406
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=ab455a56-0c56-11ec-b8de-10d4c6b20406

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=ab455a56-0c56-11ec-b8de-10d4c6b20406

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NE1FB70W3KX1RBC6CA5V
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Sep 2021 01:31:32 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=ab455a56-0c56-11ec-b8de-10d4c6b20406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 33
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%222b4789b4-a37c-4e64-b89a-b1d968b7ad97%22,%22Time%22:%2220210902T213132.191802%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=2b4789b4-a37c-4e64-b89a-b1d968b7ad97

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=2b4789b4-a37c-4e64-b89a-b1d968b7ad97

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BC92EB64V058YSR7H9SW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=2b4789b4-a37c-4e64-b89a-b1d968b7ad97
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEOEuJmqC1x-xClzNp0qoBjs&google_cver=1

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEOEuJmqC1x-xClzNp0qoBjs&google_cver=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: F6RN9Z2H9NC6SENTQTDD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEOEuJmqC1x-xClzNp0qoBjs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 422B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
338 B

348ms
31ms

Image
text/plain

52.48.23.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.23.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-23-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1630632692
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date: Fri, 03 Sep 2021 01:31:32 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8f6d8ff9d9582f1a98e53beb00200407

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8f6d8ff9d9582f1a98e53beb00200407

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3T2A0JEMVEQETBRTFSG7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 03 Sep 2021 01:31:33 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8f6d8ff9d9582f1a98e53beb00200407
content-length: 108
x-amz-cf-id: qBWLGyw32Xd7nml96Y8gk3xiTzS9MPchMyfhNoSjsr4KXBE_RtjJvA==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=e618c6a5-00ac-cfe9-3831-36e7afcfc0e1

43 B
556 B

107ms
107ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=e618c6a5-00ac-cfe9-3831-36e7afcfc0e1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EH0HA6D61BTJ6MC6F18F
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 03 Sep 2021 01:31:32 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=e618c6a5-00ac-cfe9-3831-36e7afcfc0e1
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KGNNxENoj59XVRiCqzgwbDc4dAU4ZgIC

43 B
556 B

105ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KGNNxENoj59XVRiCqzgwbDc4dAU4ZgIC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B6QZ5ZV65EMP9M6BCGPR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KGNNxENoj59XVRiCqzgwbDc4dAU4ZgIC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Fri, 03 Sep 2021 01:31:32 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=999B04EF0211E2A

43 B
556 B

115ms
111ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=999B04EF0211E2A

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9F4YVFKAM9VR7QNXBR9G
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:29 GMT
frontend-id: 0
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=999B04EF0211E2A
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=8804190116087319814&ex=appnexus.com

43 B
556 B

107ms
106ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8804190116087319814&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6HDRFDVP937CWZ3TE17V
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6fd93c60-7958-45c2-9364-eb21d9bc427e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=8804190116087319814&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=mxP_OhKwHw6evDslGPWAgA&ex=rubiconproject.com&status=ok

43 B
556 B

110ms
109ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=mxP_OhKwHw6evDslGPWAgA&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZRR12MYP0JX54PQP1BXE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=mxP_OhKwHw6evDslGPWAgA&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=qtCUW7OJRZiHgvZZ6kranw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

104ms
103ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S2NGK2WY0NHTWW8AWQCK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-4dc3de8c-1758-436c-8589-d2a38213d7be&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-4dc3de8c-1758-436c-8589-d2a38213d7be&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.co...
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-4dc3de8c-1758-436c-8589-d2a38213d7be

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-4dc3de8c-1758-436c-8589-d2a38213d7be

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X6WZ2X9PY6ZM8R62FW18
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-4dc3de8c-1758-436c-8589-d2a38213d7be
date: Fri, 03 Sep 2021 01:31:33 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 /
loadus.exelator.com/load/ Frame 422B 0
324 B 106ms
32ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=qtCUW7OJRZiHgvZZ6kranw&ep=XskVaNBDiyBR6ZvBA2xJx623ek75O_MaNV60IPWUD1vw2PyGziQC55hZ3BnFPm5Ep91oob2UbkBeV7gzVD797mCBrIwl8uA6345TJuhN7mo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DF67A31617D47D09602F4F40A

43 B
556 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DF67A31617D47D09602F4F40A

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9E70XRMNTH6AFNHSPZE6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Sep 2021 01:31:34 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DF67A31617D47D09602F4F40A
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Fri, 03 Sep 2021 01:31:33 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-4U.4foB1l2OH7hMRkbLH1_OWoO.y.Io-

43 B
556 B

119ms
118ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-4U.4foB1l2OH7hMRkbLH1_OWoO.y.Io-

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B6PSKX4FZ2SXWS1N7MG9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Sep 2021 01:31:32 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-4U.4foB1l2OH7hMRkbLH1_OWoO.y.Io-
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=6a4150aff59589bb039310ae7d3e257e0eeec3e7d753a773d656d6dba0b99485

43 B
556 B

110ms
107ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=6a4150aff59589bb039310ae7d3e257e0eeec3e7d753a773d656d6dba0b99485

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Q3J6T2SQD0A3QY0RQNBY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 01:31:32 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=6a4150aff59589bb039310ae7d3e257e0eeec3e7d753a773d656d6dba0b99485
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2E56D3F2-7514-4CBA-B263-3B72E9C363E7

43 B
556 B

107ms
107ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2E56D3F2-7514-4CBA-B263-3B72E9C363E7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7QJXQ6EVV9QXYVWZ2HJF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=2E56D3F2-7514-4CBA-B263-3B72E9C363E7
date: Fri, 03 Sep 2021 01:31:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1630090234400%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=UMJ31Q99999q2EaC

43 B
556 B

105ms
104ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=UMJ31Q99999q2EaC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YEQ70XT9Z9QBQ2HZ1CYF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Location: https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=UMJ31Q99999q2EaC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
BK-Server: 93b1
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 422B
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4197a0e9-f9e3-4a38-925a-dde9afc0efc6-tuct82b0074

43 B
556 B

110ms
109ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4197a0e9-f9e3-4a38-925a-dde9afc0efc6-tuct82b0074

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 01:31:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QSNVCXYH81EMRY5FMWPR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4197a0e9-f9e3-4a38-925a-dde9afc0efc6-tuct82b0074
date: Fri, 03 Sep 2021 01:31:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14127

OPTIONS
H2 200 sync
sdk.iad-03.braze.com/api/v3/content_cards/ Frame 0
0 384ms
383ms Preflight 151.101.13.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/content_cards/sync

Protocol

Server

151.101.13.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Origin: https://www.sofi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Sep 2021 01:31:32 GMT
via: 1.1 varnish
x-served-by: cache-fra19130-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1630632692.065331,VS0,VE373
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 sync Show response
sdk.iad-03.braze.com/api/v3/content_cards/ 85 B
224 B 130ms
129ms XHR
application/json 151.101.13.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/content_cards/sync

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cb48ebfcab75cca33caf936845b2dc8d25228b7722ec3f9224a753caead7f122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
X-Braze-Api-Key: 55c370dd-bb3f-475c-8a54-50403ffea8cc
X-Requested-With: XMLHttpRequest
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Braze-ContentCardsRequest: true
Content-type: application/json

Response headers

date: Fri, 03 Sep 2021 01:31:32 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: ac889682-8019-43e3-892c-5eca67c9ca99
x-served-by: cache-fra19130-FRA
x-runtime: 0.026787
server: nginx
x-timer: S1630632692.450048,VS0,VE122
etag: W/"cb48ebfcab75cca33caf936845b2dc8d"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299722910906023&ev=Microdata&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632692816&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SoFi%20App%20Download%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:32 GMT

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 201ms
200ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1630632692857
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Sep 2021 01:31:33 GMT
content-length: 2
content-type: application/json

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177860490133838&ev=Microdata&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632693059&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SoFi%20App%20Download%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:33 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3030946783633619&ev=Microdata&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&if=false&ts=1630632693117&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SoFi%20App%20Download%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630632691048.1866251494&it=1630632690567&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:31:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 03 Sep 2021 01:31:33 GMT

POST
H2 200 event Show response
api.trafficguard.ai/api/v3/client-side/validate/ 61 B
334 B 118ms
117ms XHR
application/json 34.120.121.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trafficguard.ai/api/v3/client-side/validate/event

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.121.20 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

20.121.120.34.bc.googleusercontent.com

Software

Resource Hash

18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Sep 2021 01:31:34 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: W/"3d-+VrgqwIBqu+GaYyaxm1oD9TgRqA"
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sofi.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 61
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.sofi.com
URL: https://www.sofi.com/app-download.html

Domain: analytics.sofi.com
URL: https://analytics.sofi.com/mp/web/v1/identify

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sofi.com/	1970-01-19 20:57:14	Name: mjs-sid Value: 1630632690295
.sofi.com/	1970-01-19 23:06:48	Name: _gcl_au Value: 1.1.651778324.1630632690
www.sofi.com/	1970-01-19 20:57:13	Name: _dd_s Value: rum=1&id=67eb3de1-a1be-4cf6-918c-38381c106d38&created=1630632689850&expire=1630633589850
.sofi.com/	1970-01-19 20:57:14	Name: __cf_bm Value: WcQzT34zj88ebSfFp4htc_DAmzjge4Hl_zGR4LOjpYA-1630632685-0-AWl9TLhHIf/eIPmmlDKTPWqxiEYywAYsUgR+tupqz6ThkKP67HcPMMxV2cVTE5i48AkkXPZEKH0ABpTSEzP83QI=
www.sofi.com/	1970-01-19 20:57:16	Name: cf_chl_prog Value: a10
.sofi.com/	1969-12-31 23:59:59	Name: __cfruid Value: 34a1c3d4a6fafb17a050f7c13d74b00815b0a684-1630632689
www.sofi.com/	1970-01-25 20:05:16	Name: SOFI_WEB_USER_ID Value: Cv5CBGExevGlFAAak8N9Ag==
www.sofi.com/	1970-01-19 20:57:16	Name: cf_chl_rc_ni Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js(Line 5) Message: There was an error with your callback: TypeError: Cannot read property 'getAllUserAttributes' of null
console-api	error	URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js(Line 5) Message: Error parsing JSON response from Identity server: TypeError: Cannot read property 'mpid' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6375438.fls.doubleclick.net
a.quora.com
aa.agkn.com
ablink.o.sofi.org
acdn.adnxs.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.sofi.com
api.trafficguard.ai
api2.branch.io
app.link
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.branch.io
cdn.c212.net
cdn.optimizely.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
collector-11685.tvsquared.com
connect.facebook.net
contentdsp.com
ct.pinterest.com
d32ijn7u0aqfv4.cloudfront.net
di.rlcdn.com
dpm.demdex.net
errors.client.optimizely.com
getrockerbox.com
ib.adnxs.com
image6.pubmatic.com
jssdkcdns.mparticle.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.adsrvr.org
odr.mookie1.com
pi.ispot.tv
pixel.advertising.com
pixel.placed.com
pixel.tapad.com
px.surveywall-api.survata.com
q.quora.com
rbx.sofi.com
rum-http-intake.logs.datadoghq.com
s.amazon-adsystem.com
s.pinimg.com
s.yimg.com
sb.scorecardresearch.com
sdk.iad-03.braze.com
sp.analytics.yahoo.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.myvisualiq.net
tags.bluekai.com
tags.srv.stackadapt.com
tgtag.io
tlxgvxfc.micpn.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
usersync.samplicio.us
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imdb.com
www.redditstatic.com
www.sofi.com
x.bidswitch.net
analytics.sofi.com
px.surveywall-api.survata.com
www.sofi.com
104.111.215.191
104.18.15.42
104.21.83.150
13.248.242.197
13.32.112.63
13.32.118.202
13.32.121.33
13.32.121.50
13.32.121.72
141.226.228.48
142.250.185.130
142.250.185.70
151.101.13.140
151.101.13.2
151.101.13.208
151.101.14.132
159.203.152.45
18.196.210.39
18.219.93.205
18.66.108.171
18.66.97.26
185.33.221.14
185.64.189.115
185.94.180.126
199.232.80.84
2.18.232.130
2.18.234.21
2.18.234.233
209.54.178.82
212.82.100.181
212.82.100.182
213.19.147.45
2600:1f18:24e6:b901:343e:fcbb:d36e:974c
2600:1f18:612b:4232:542e:84b1:1361:c28e
2600:9000:223c:1800:16:cfb1:a0c0:93a1
2600:9000:223c:2a00:11:f728:3040:93a1
2600:9000:2240:1400:19:9934:6a80:93a1
2606:4700:10::6816:1957
2606:4700:3031::ac43:d645
2606:4700::6810:5f41
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:400c:c08::9c
2a02:26f0:6c00:2a8::13b8
2a02:26f0:6c00:2b9::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::645
3.125.192.222
3.126.56.137
3.224.194.150
3.94.65.142
34.120.121.20
34.120.230.83
34.231.184.117
34.236.226.59
34.254.143.3
34.98.64.218
34.98.67.61
35.170.144.83
35.176.195.187
35.227.248.159
35.244.174.68
37.157.6.241
45.79.141.248
52.17.185.148
52.202.228.151
52.48.23.163
52.52.150.75
52.59.115.28
52.72.27.138
54.175.65.195
54.93.133.131
69.173.144.138
77.243.60.138
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae
185bd5047699f7c070131ae87593e3d604bb8bfe00eab2e09ee5ee54171b4bb6
18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc
1c99c32c2af2f3e1b30815407cf3088e3a7250d7c3097b7060aded3410773029
1d6ea7d89ab35723423129c2ea72b7d3e743aac868992950db5f231e0cbed451
269388e6fcbb383445b8af330aa378fc02e2d0841be4d580298f35c073b6d445
28beb050e14f9ad88c22bab7ae5964e1319fbc6fa690a64b8177cb6a5d8af844
2d01731504733769dd4193c64072561f6bcc9bd16a0482203a8cb4290a24206a
2d3e3d9c7b9de2a66068db2e76ebd545ede4bcbd643e5a8dbea5af7993d4e43d
3006c9fd6d5b0c3339a8a7b2daee6a42c1cd00898ed9529f95dd7b673aa6d011
309c05dee1836ecaf00d0f572647f090b3d039bdba218c9d512ae33385479a04
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
388609c9305f93bd9ba1a4cb15986b9e5b94c89bf7c44d177271fae70fa9fdd9
39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c
3ab2a342c7d07c83514822dcf164546b7228b874b50f4e5b2722fbe42058da9f
41ce98b6a5242e847585b14cb284048a261b34a13405fa99901c7a88a1b9438a
42698a7843c52f42c72b149808548338c190f24416742f4b6aae0f720c2e551b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8a164121b2408e45b5ab1b7b7f3195e70fad2f842265c8c58bfb25987411f
450354397c0ece97c2d6842a3920399a9f8ebeb1b3e51bd1268d97c00e876e2b
46db4b2d6342d0ab48c687ffcbdcc09445907f57a22db5709252d9e615785878
47dfc6994762e99173524e82c2b542a20a22a5d4bb0e1249674749bb7930f59f
4ca96fce30a4c081ee7216b8305dfdbde550daf1a2dde8ebe5931675bc3b80a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55edcf1a6c0f157cc8c9b38bf21c2a47ade7b29efa264010ac607100a3c50a77
59ea265668b52f14ef84136d436948e3e6e2cf28ffbc7d9ae0c5305940c1f271
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5fa0f07620dd513fee4c7b6c6eb238a0adf3ef54a07382cc9686484441a14d76
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
648ee60728169cb970f83890be6b4db404afdb11a87af309bd5eedb048f02b7d
64f707b22d1f8339a6506450fbb8c745633b98478703368b46823f86d53dcc33
6d08a356f0873504886459219680ead9b83a62e4352c1fb3eb2a4e0ea83ebeed
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
73acf9dbdd2a86dfbb64cebff7b5f0fe6182c3e3f5e84b5e857580d5685f475f
8283bca862d76a332c2e23e725893ee530cad25de99966e0c76e1cdd3f45cca9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859c087bf100bbde423cf929934183850fe36feb7bbb470afea90e7db0f89f5f
8821c36a87d3422ac25baca6844d6feb258cf0f12c8f992df2b60ecb58a5b93b
919ece20744b338e82d7decdb3877fbeff33f7b9b304a2e4cced3e710ebddec5
9494210c7ca5e3f5f8c84287ea5101ba95637822d04c04806899a7f738fc7215
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a6292e56b84d52df8bf30d8066cb00c02955c80f2f8b0232ef45bdf9fd5cdc1e
a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a9c973307ab133dd6d5c0f99c28b806f6d2d35c0a0d1e421e4bc29d41a860b0c
af2966c91e845002ab923ea607a7d02f8aeb87698b9f1099a627a72835add06d
b13b4a1614e6b15a20235ec7bb3cf51cf996f7e165248287f3575ecbb3c51568
b1dc2358094b3f58826a941f76860864973aa1f746b909c30f6ec7f804b77ae5
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5
b6820c0bd7e84991223198fb475a2c5163b3f16e490eccfed580435e90380904
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bd746d12bcd3161bf23d7acbcbb49aeea5f283cad8611ae4e04e30e5e6e7b1c7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
c88847e522ef9dfda5f1923a92fcf6bd7b0033c729b5aa05c5fbf7fdeb2b9f1c
cb48ebfcab75cca33caf936845b2dc8d25228b7722ec3f9224a753caead7f122
cd26f8e52d236e0c762ab5de965b5131e51561ccbd279b19ba5bad0cf229a19a
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
d3c28db52bf39a12d1f7b539743a4aee4412b292fdc6ed3978c141fa1ba1a2b9
db4fa78826fe4188ac570d30b1489bba9da09aaeed88978c533ddb3758a18c36
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e264b4b1c2b568b974eb4ee23328522d1a4fa24247736bc6b138f7fbdb3faef4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47e3d98742eee3067dec14a963d6699f85f186695fd560b2e7fb2045b551b16
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
eaa525259deb6266c1a2a4207d90cc9c846390d079861e13dba9fbea26fe03ff
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ec4be84528c51c7c0a7fe71c7bc019978880b73e1b524a1f87376e997ea6ee33
ec8b38af934a1224ef77262e812fe959b695673382791dfe6a8915923f5437eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef461c7c1d3972fcb7338c3c42215fd18ae5bf13736b2de69232a93ad25da76d
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f08f3eba33d1827c8b4235d7f5fdd76a219800a90b6ab2bd9af8ad517e347b64
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f3b150c26e10920013bb7c75dd987ee91b4113bd631b0468cbff8c6f8bf4ea62
f5104b1a5bd92dd06a62a537a136104a71f98978b37c594bf6c91f9968849a13
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.sofi.com Open in urlscan Pro 104.18.15.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

98 %HTTPS

26 %IPv6

71 Domains

84 Subdomains

50 IPs

9 Countries

2922 kBTransfer

6304 kBSize

8 Cookies

3 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sofi.com Open in urlscan Pro
104.18.15.42 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

98 %
HTTPS

26 %
IPv6

71
Domains

84
Subdomains

50
IPs

9
Countries

2922 kB
Transfer

6304 kB
Size

8
Cookies

169 HTTP transactions
1 data transactions