sofi-us-dev-1.previews.prod.auth0users.com Open in urlscan Pro
2606:4700:4400::6812:24ba  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/	82 KB 17 KB	385ms 235ms	Document text/html	2606:4700:4400::6812:24ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:24ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 810ea3ceea2460b2d2ff12414ffca3fd8a654ea382b202f300ded36a9231e2eb Security Headers Name Value Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 9018837e58b47d06-EWR content-encoding br content-type text/html; charset=utf-8 date Mon, 13 Jan 2025 21:35:01 GMT expires 0 pragma no-cache server cloudflare strict-transport-security max-age=10368000; includeSubDomains surrogate-control no-store vary Accept-Encoding x-auth0-l 0.044 x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	datadog-rum-v4.js Show response www.datadoghq-browser-agent.com/	150 KB 47 KB	54ms 14ms	Script application/javascript	108.138.77.209 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.datadoghq-browser-agent.com/datadog-rum-v4.js Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.77.209 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-77-209.iad12.r.cloudfront.net Software AmazonS3 / Resource Hash cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers vary accept-encoding cache-control max-age=14400, s-maxage=60 timing-allow-origin * content-encoding br etag W/"2630b3d7ad4a41fac67742216e506d83" age 23 via 1.1 2ad6789a221bb559c9b8ce946b65a03a.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id WMYhiF2Hc7Dg2mu2LY0-lGb-020WPr2Xn_AZWLGBByXUN3iQYd6KVQ== date Mon, 13 Jan 2025 21:34:39 GMT content-type application/javascript last-modified Mon, 09 Oct 2023 11:26:13 GMT server AmazonS3 x-amz-cf-pop IAD12-P2 x-amz-server-side-encryption AES256
GET H2	200	ldclient:3.1.4.min.js Show response d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/scripts/	53 KB 19 KB	342ms 250ms	Script application/javascript	2600:9000:27ce:d200:10:8d:3740:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/scripts/ldclient:3.1.4.min.js Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:27ce:d200:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash be88542bc94765d005d79ae6d6119cdf5ac312260acee2a1d9cccb577d0e14ba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers vary accept-encoding x-amz-replication-status COMPLETED cache-control max-age=86400 content-encoding gzip x-amz-version-id Ba04dONO6N9yZSJK28Xvo6TJUCeqIRdJ etag W/"547ed7944ebc6e9f8c3a50590f3abd39" via 1.1 912473ac1d19bf036ac06a064043c616.cloudfront.net (CloudFront) x-cache RefreshHit from cloudfront x-amz-cf-id FAGulJujdOZdXERQzIbGVJhYKvkvGkZNWRXj_ok5_TM0W5M4fcn-8g== date Mon, 13 Jan 2025 21:35:02 GMT content-type application/javascript last-modified Mon, 06 Jan 2025 23:17:46 GMT server AmazonS3 x-amz-cf-pop IAD55-P7 x-amz-server-side-encryption AES256
GET H2	200	gc-html5.js Show response cdn.geocomply.com/191/	520 KB 188 KB	270ms 121ms	Script application/javascript	3.162.101.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.geocomply.com/191/gc-html5.js Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.101.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-101-168.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 86bb6a1fe8c41c3bcb8a7ff89233d87e96e2c091903add96e34ae38c3237df89 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers vary accept-encoding, Origin content-encoding gzip etag W/"aaff425aeb2839020617c7fbb21efc75" x-amz-version-id 20fK9GjFsi0ofQZz9IPAHSxUQjbd989u via 1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront) x-cache Miss from cloudfront x-amz-cf-id UiLLJJw14ABHPXOrtbZHBjzIGw-6JjxOtnaxGuku4h7_M2DvQI1lAw== date Mon, 13 Jan 2025 21:35:02 GMT content-type application/javascript last-modified Tue, 30 Jan 2024 10:22:39 GMT server AmazonS3 x-amz-cf-pop IAD61-P1 x-amz-server-side-encryption AES256
GET H2	404	%7B%7B%20COOKIELAW_URL%20%7D%7D sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/	0 0	194ms 192ms	Script text/plain	2606:4700:4400::6812:24ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/%7B%7B%20COOKIELAW_URL%20%7D%7D Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:24ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Response headers surrogate-control no-store cf-cache-status DYNAMIC x-content-type-options nosniff expires 0 x-auth0-l 0.020 x-auth0-not-found 1 alt-svc h3=":443"; ma=86400 date Mon, 13 Jan 2025 21:35:01 GMT vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=10368000; includeSubDomains cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache cf-ray 9018837feb657d06-EWR x-xss-protection 1; mode=block server cloudflare
GET H2	200	sofi_logo_white_416x116.png d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/branding/logos/	10 KB 10 KB	105ms 15ms	Image image/png	2600:9000:27ce:d200:10:8d:3740:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/branding/logos/sofi_logo_white_416x116.png Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:27ce:d200:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers x-amz-version-id xiOsZc7uE5tKiDSQktQUrZL0HDZ15YnH etag "8c552e626b8b5369201a4e722ed44821" age 51548 x-cache Hit from cloudfront x-amz-cf-id 4rsCecf25S8HkQRf6zVmHul6YpiVGlQjldE0X6ahIsyRGTSwlPBHWQ== date Mon, 13 Jan 2025 07:15:54 GMT content-type image/png vary accept-encoding last-modified Thu, 09 Jan 2025 01:10:38 GMT x-amz-replication-status COMPLETED cache-control max-age=86400 via 1.1 912473ac1d19bf036ac06a064043c616.cloudfront.net (CloudFront) accept-ranges bytes content-length 9807 x-amz-cf-pop IAD55-P7 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	sofi-logo-blue.svg d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/branding/logos/	6 KB 2 KB	105ms 15ms	Image image/svg+xml	2600:9000:27ce:d200:10:8d:3740:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/branding/logos/sofi-logo-blue.svg Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:27ce:d200:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash df3cba7d13c14e44c7af2bd10bca2e938cd47a34ede78e8fba32f7f20d004094 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers content-encoding gzip x-amz-version-id m7x43sUoezTqe.NDdRZoP0iz4CmV2Dy9 etag W/"9d6706791f05bdab1f717215fb63139e" age 49898 x-cache Hit from cloudfront x-amz-cf-id oKZsKSW5uOrhWStyUCcbu_JgmUxvW33cojhlzE0QsJiuaB7ywFAu6Q== date Mon, 13 Jan 2025 07:43:23 GMT content-type image/svg+xml vary accept-encoding last-modified Thu, 09 Jan 2025 01:10:38 GMT x-amz-replication-status COMPLETED cache-control max-age=86400 via 1.1 912473ac1d19bf036ac06a064043c616.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P7 server AmazonS3 x-amz-server-side-encryption AES256
GET H3	404	%7B%7B%20back_arrow_icon%20%7D%7D sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/	0 450 B	247ms 246ms	Image text/plain	2606:4700:4400::6812:24ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/%7B%7B%20back_arrow_icon%20%7D%7D Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::6812:24ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Response headers surrogate-control no-store cf-cache-status DYNAMIC x-content-type-options nosniff expires 0 x-auth0-l 0.014 x-auth0-not-found 1 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 13 Jan 2025 21:35:01 GMT vary Accept-Encoding priority u=2,i x-frame-options SAMEORIGIN strict-transport-security max-age=10368000; includeSubDomains cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache cf-ray 901883800a318c2f-EWR x-xss-protection 1; mode=block server cloudflare
GET H2	200	7331d0a5289a23fb1966.png d25w3v87zu4vev.cloudfront.net/sofiinc/auth/sofi-auth/main/static/media/	22 KB 23 KB	97ms 14ms	Image image/png	2600:9000:2073:4600:19:f7cc:81c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d25w3v87zu4vev.cloudfront.net/sofiinc/auth/sofi-auth/main/static/media/7331d0a5289a23fb1966.png Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2073:4600:19:f7cc:81c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers x-amz-version-id bKfyvA4P73LByHATmMi0pWEgzAtR18aR etag "c1951397bd895334b0ab41b7e16bb841" age 50905 x-cache Hit from cloudfront x-amz-cf-id ZjJvBlK0LxFqoaVFw1tjTbwUkI33jlHSP7_H1iMLnpozW_yBS-4wIg== date Mon, 13 Jan 2025 07:26:37 GMT content-type image/png vary accept-encoding last-modified Mon, 06 Jan 2025 23:22:03 GMT x-amz-replication-status COMPLETED cache-control max-age=86400 via 1.1 6306947fb6ab60dc617ca2e025941652.cloudfront.net (CloudFront) accept-ranges bytes content-length 22918 x-amz-cf-pop IAD50-C2 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	a26e7094b0235d2942ad.png d25w3v87zu4vev.cloudfront.net/sofiinc/auth/sofi-auth/main/static/media/	25 KB 26 KB	107ms 24ms	Image image/png	2600:9000:2073:4600:19:f7cc:81c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d25w3v87zu4vev.cloudfront.net/sofiinc/auth/sofi-auth/main/static/media/a26e7094b0235d2942ad.png Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2073:4600:19:f7cc:81c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers x-amz-version-id obwNNBalCQZPdk.2IlT8n9WB7XO0pVsl etag "4bb7e2b1deae2699608816c857b70334" age 51167 x-cache Hit from cloudfront x-amz-cf-id DYST14Q5tztlUuvGpaXMyttkaJqsOIOODMfnSZ-36h6f2UrcFigBIA== date Mon, 13 Jan 2025 07:22:15 GMT content-type image/png vary accept-encoding last-modified Mon, 06 Jan 2025 23:22:03 GMT x-amz-replication-status COMPLETED cache-control max-age=86400 via 1.1 6306947fb6ab60dc617ca2e025941652.cloudfront.net (CloudFront) accept-ranges bytes content-length 26088 x-amz-cf-pop IAD50-C2 server AmazonS3 x-amz-server-side-encryption AES256
GET H3	404	clear sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/$%7Bbase_url%7D/logn-backend/assets/	0 493 B	242ms 242ms	Image text/plain	2606:4700:4400::6812:24ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/$%7Bbase_url%7D/logn-backend/assets/clear Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::6812:24ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Response headers surrogate-control no-store cf-cache-status DYNAMIC x-content-type-options nosniff expires 0 x-auth0-l 0.010 x-auth0-not-found 1 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 13 Jan 2025 21:35:01 GMT vary Accept-Encoding priority u=3,i x-frame-options SAMEORIGIN strict-transport-security max-age=10368000; includeSubDomains cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache cf-ray 901883800a338c2f-EWR x-xss-protection 1; mode=block server cloudflare
GET H2	200	sofi.com.png fontmetrics.net/	0 74 B	404ms 176ms	Image image/png	34.223.230.84 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://fontmetrics.net/sofi.com.png?u=https%3A//sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login%3Fclient%3DcOHFnejJDe2YBoDhtE3MjtAAjfkRss3z&r=&ra=0.49301134766876586 Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.223.230.84 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-223-230-84.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers apigw-requestid EWII5hfRPHcEPgg= content-length 0 date Mon, 13 Jan 2025 21:35:01 GMT content-type image/png
GET H2	200	gc-fp-wrapper.min.js Show response cdn.geocomply.com/faas/solus/iife/	325 KB 118 KB	141ms 140ms	Script application/javascript	3.162.101.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.geocomply.com/faas/solus/iife/gc-fp-wrapper.min.js Requested by Host: cdn.geocomply.com URL: https://cdn.geocomply.com/191/gc-html5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.101.168 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-101-168.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 073c5ddf92e8c406fe7cb7a7b800a341619345f566afaa9e7a4bc2ab47aba61b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers vary accept-encoding, Origin content-encoding br etag W/"490998058b159748df86c241e1ed827c" x-amz-version-id eKQx3Vbo11GRfn0mIdBT9fOSxEh3i0S9 via 1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront) x-cache Miss from cloudfront x-amz-cf-id eWYR7IrJghmC0N86Xx66TCtBQa9eFbrpskjY8djUYJsU9jpUCV5zMQ== date Mon, 13 Jan 2025 21:35:02 GMT content-type application/javascript last-modified Wed, 27 Mar 2024 09:40:16 GMT server AmazonS3 x-amz-cf-pop IAD61-P1 x-amz-server-side-encryption AES256
GET H3	200	trace Show response www.cloudflare.com/cdn-cgi/	329 B 427 B	98ms 24ms	Fetch text/plain	2606:4700::6810:7c60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cloudflare.com/cdn-cgi/trace Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eaafe0076ea94d1e8cbdcbb1adc8633fec1054103952d1b9239d593cc725e81a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers cache-control no-cache content-encoding gzip x-content-type-options nosniff cf-ray 901883831e9542ad-EWR expires Thu, 01 Jan 1970 00:00:01 GMT access-control-allow-origin * date Mon, 13 Jan 2025 21:35:01 GMT content-type text/plain server cloudflare x-frame-options DENY
GET DATA	200 OK	truncated /	317 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f2d60e028a05cec1e6adcbfbdec065a6e5453f4c037bbc1a6c7bd9f5676ae99b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H2	200	auth0-mfa-loader.svg d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/branding/icons/	343 B 799 B	15ms 14ms	Image image/svg+xml	2600:9000:27ce:d200:10:8d:3740:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/branding/icons/auth0-mfa-loader.svg Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:27ce:d200:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b1791ad59a04992e2bc66c271d5d3871c6278d585f90acad0b528db19cb75f38 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers x-amz-version-id 1OxwVqY5Ii3x3SQxOJK6u7Qg4NvDrYcA etag "987ff2ad3e49ae1d12d570538212e186" age 50157 x-cache Hit from cloudfront x-amz-cf-id 8F4QxXsk4dhdnDKA70-xQe4xne4q2GLl-znn5j75uKIJCfyV5a4TLQ== date Mon, 13 Jan 2025 08:11:41 GMT content-type image/svg+xml vary accept-encoding last-modified Thu, 09 Jan 2025 01:10:38 GMT x-amz-replication-status COMPLETED cache-control max-age=86400 via 1.1 912473ac1d19bf036ac06a064043c616.cloudfront.net (CloudFront) accept-ranges bytes content-length 343 x-amz-cf-pop IAD55-P7 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	ttnorms_bold.woff d32ijn7u0aqfv4.cloudfront.net/git/fonts/ttnorms/	26 KB 26 KB	323ms 233ms	Font binary/octet-stream	18.67.79.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d32ijn7u0aqfv4.cloudfront.net/git/fonts/ttnorms/ttnorms_bold.woff Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.79.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-79-109.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 2a0511033e7b70d5f652a7307631e98853ab8436351e8afb9d7790d8881faa01 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://sofi-us-dev-1.previews.prod.auth0users.com Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers access-control-max-age 3000 etag "e3f56059c9d8888721280a1a793d4fb2" x-amz-version-id L_MYi.78EkrjbnyDy5.7PGbBsuH1F8JG access-control-allow-methods HEAD, GET, PUT, POST, DELETE alt-svc h3=":443"; ma=86400 x-cache Miss from cloudfront x-amz-cf-id oDCGJVcd0YE_69PXqtFh7_GgkIk44kH1EGFp1DpBFtOlA719ugW3Xw== date Mon, 13 Jan 2025 21:35:02 GMT content-type binary/octet-stream vary Origin last-modified Mon, 16 Dec 2024 19:18:32 GMT x-amz-replication-status COMPLETED cache-control max-age=1800 via 1.1 4e6e9c8ad6e40529a0e7659f2f4c5f28.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 26116 x-amz-cf-pop IAD89-P2 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	ttnorms_medium.woff d32ijn7u0aqfv4.cloudfront.net/git/fonts/ttnorms/	28 KB 29 KB	340ms 251ms	Font binary/octet-stream	18.67.79.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d32ijn7u0aqfv4.cloudfront.net/git/fonts/ttnorms/ttnorms_medium.woff Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.79.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-79-109.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash b8408490d500a88236cd3f841ca16627b4199a192a42cb25f9ea3336cad3d5cc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://sofi-us-dev-1.previews.prod.auth0users.com Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers access-control-max-age 3000 etag "6b127d0fa4c7968175006e3dcafa4b25" x-amz-version-id R8ixsw7t0sII9hKe3diG72GFJlwRF_1Y access-control-allow-methods HEAD, GET, PUT, POST, DELETE alt-svc h3=":443"; ma=86400 x-cache Miss from cloudfront x-amz-cf-id JXndaxasMv3e2HZ-ndZfpSzvSOfCvczcjbd1FWCYvEBph0dyz9y7OQ== date Mon, 13 Jan 2025 21:35:02 GMT content-type binary/octet-stream vary Origin last-modified Mon, 16 Dec 2024 19:18:32 GMT x-amz-replication-status COMPLETED cache-control max-age=1800 via 1.1 4e6e9c8ad6e40529a0e7659f2f4c5f28.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 28572 x-amz-cf-pop IAD89-P2 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	ttnorms_regular.woff d32ijn7u0aqfv4.cloudfront.net/git/fonts/ttnorms/	40 KB 41 KB	355ms 266ms	Font binary/octet-stream	18.67.79.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d32ijn7u0aqfv4.cloudfront.net/git/fonts/ttnorms/ttnorms_regular.woff Requested by Host: sofi-us-dev-1.previews.prod.auth0users.com URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.79.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-79-109.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash b9a27411d3a996bbb09ba437ba2339c2b5a93647258c5391d90821d980919707 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://sofi-us-dev-1.previews.prod.auth0users.com Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers access-control-max-age 3000 etag "5861b184572b85b7c5fe33b71a0199a8" x-amz-version-id 0rNdbeqSPgFsfT8BTeWaiOJCrxsDGjXm access-control-allow-methods HEAD, GET, PUT, POST, DELETE alt-svc h3=":443"; ma=86400 x-cache Miss from cloudfront x-amz-cf-id HFEHGyCx3XALp00Hgnun7hsVT_5Jd7NH9YmP_5FEj_5X0RIxuwiD2w== date Mon, 13 Jan 2025 21:35:02 GMT content-type binary/octet-stream vary Origin last-modified Mon, 16 Dec 2024 19:18:32 GMT x-amz-replication-status COMPLETED cache-control max-age=1800 via 1.1 4e6e9c8ad6e40529a0e7659f2f4c5f28.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 41020 x-amz-cf-pop IAD89-P2 server AmazonS3 x-amz-server-side-encryption AES256
OPTIONS H2	200	62472e1d7b765b1471f2c14e app.launchdarkly.com/sdk/goals/	0 0	66ms 18ms	Preflight	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/goals/62472e1d7b765b1471f2c14e Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers x-launchdarkly-user-agent Access-Control-Request-Method GET Origin https://sofi-us-dev-1.previews.prod.auth0users.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags access-control-allow-methods GET, OPTIONS, HEAD access-control-allow-origin * access-control-max-age 3600 age 0 allow GET, OPTIONS, HEAD content-encoding gzip content-length 23 date Mon, 13 Jan 2025 21:35:01 GMT ld-region us-east-1 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-served-by cache-lga21946-LGA x-timer S1736804102.696486,VS0,VE9
GET H2	200	62472e1d7b765b1471f2c14e Show response app.launchdarkly.com/sdk/goals/	2 B 187 B	54ms 54ms	XHR application/json	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/goals/62472e1d7b765b1471f2c14e Requested by Host: d3331otr86r7j1.cloudfront.net URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/scripts/ldclient:3.1.4.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 X-LaunchDarkly-User-Agent JSClient/3.1.4 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers content-md5 d751713988987e9331980363e24189ce access-control-max-age 300 content-encoding gzip etag "d751713988987e9331980363e24189ce" age 0 access-control-allow-methods GET, OPTIONS, HEAD x-cache HIT date Mon, 13 Jan 2025 21:35:01 GMT content-type application/json x-served-by cache-lga21946-LGA x-cache-hits 0 access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding cache-control max-age=0 x-timer S1736804102.714886,VS0,VE45 ld-region us-east-1 via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 26
GET H2	200	eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyIsImlwIjoiMmEwZDo1NjAwOjI0OjE1MDA6MTAxMTo1NmFjOjQ1ZTU6NTc0MyJ9 Show response app.launchdarkly.com/sdk/evalx/62472e1d7b765b1471f2c14e/contexts/	867 B 616 B	67ms 66ms	XHR application/json	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/evalx/62472e1d7b765b1471f2c14e/contexts/eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyIsImlwIjoiMmEwZDo1NjAwOjI0OjE1MDA6MTAxMTo1NmFjOjQ1ZTU6NTc0MyJ9 Requested by Host: d3331otr86r7j1.cloudfront.net URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/scripts/ldclient:3.1.4.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cc105ba3d64570704f50d65dd426d9d7aa840703165e3dbf929427a876e278db Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 X-LaunchDarkly-User-Agent JSClient/3.1.4 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ Response headers access-control-max-age 3600 content-encoding gzip etag "446dbb" age 0 access-control-allow-methods OPTIONS, GET x-cache MISS date Mon, 13 Jan 2025 21:35:01 GMT content-type application/json vary Authorization, Accept-Encoding x-served-by cache-lga21979-LGA, cache-lga21946-LGA x-cache-hits 0 access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version cache-control max-age=0 x-timer S1736804102.714662,VS0,VE58 via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 254
OPTIONS H2	200	eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyIsImlwIjoiMmEwZDo1NjAwOjI0OjE1MDA6MTAxMTo1NmFjOjQ1ZTU6NTc0MyJ9 app.launchdarkly.com/sdk/evalx/62472e1d7b765b1471f2c14e/contexts/	0 0	64ms 17ms	Preflight	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/evalx/62472e1d7b765b1471f2c14e/contexts/eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyIsImlwIjoiMmEwZDo1NjAwOjI0OjE1MDA6MTAxMTo1NmFjOjQ1ZTU6NTc0MyJ9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers x-launchdarkly-user-agent Access-Control-Request-Method GET Origin https://sofi-us-dev-1.previews.prod.auth0users.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags access-control-allow-methods GET, OPTIONS, HEAD access-control-allow-origin * access-control-max-age 3600 age 0 allow GET, OPTIONS, HEAD content-encoding gzip content-length 23 date Mon, 13 Jan 2025 21:35:01 GMT ld-region us-east-1 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-served-by cache-lga21946-LGA x-timer S1736804102.696652,VS0,VE9
OPTIONS H2	204	62472e1d7b765b1471f2c14e events.launchdarkly.com/events/diagnostic/	0 0	76ms 14ms	Preflight	3.219.189.64 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/diagnostic/62472e1d7b765b1471f2c14e Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 3.219.189.64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-219-189-64.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-launchdarkly-user-agent Access-Control-Request-Method POST Origin https://sofi-us-dev-1.previews.prod.auth0users.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags access-control-allow-methods POST,OPTIONS access-control-allow-origin * access-control-expose-headers Date access-control-max-age 300 date Mon, 13 Jan 2025 21:35:02 GMT strict-transport-security max-age=31536000; includeSubDomains
POST H2	202	62472e1d7b765b1471f2c14e Show response events.launchdarkly.com/events/diagnostic/	0 358 B	17ms 16ms	XHR application/json	3.219.189.64 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/diagnostic/62472e1d7b765b1471f2c14e Requested by Host: d3331otr86r7j1.cloudfront.net URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/scripts/ldclient:3.1.4.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 3.219.189.64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-219-189-64.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 X-LaunchDarkly-User-Agent JSClient/3.1.4 Content-Type application/json Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 300 access-control-expose-headers Date access-control-allow-methods POST,OPTIONS access-control-allow-origin * content-length 0 date Mon, 13 Jan 2025 21:35:02 GMT content-type application/json access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
GET H3	404	favicon.ico sofi-us-dev-1.previews.prod.auth0users.com/	0 450 B	728ms 728ms	Other text/plain	2606:4700:4400::6812:24ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sofi-us-dev-1.previews.prod.auth0users.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::6812:24ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Response headers surrogate-control no-store cf-cache-status BYPASS x-content-type-options nosniff expires 0 x-auth0-l 0.009 x-auth0-not-found 1 alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 13 Jan 2025 21:35:03 GMT vary Accept-Encoding priority u=1,i x-frame-options SAMEORIGIN strict-transport-security max-age=10368000; includeSubDomains cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache cf-ray 90188387af528c2f-EWR x-xss-protection 1; mode=block server cloudflare
OPTIONS H2	204	62472e1d7b765b1471f2c14e events.launchdarkly.com/events/bulk/	0 0	14ms 14ms	Preflight	3.219.189.64 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/bulk/62472e1d7b765b1471f2c14e Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 3.219.189.64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-219-189-64.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent Access-Control-Request-Method POST Origin https://sofi-us-dev-1.previews.prod.auth0users.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags access-control-allow-methods POST,OPTIONS access-control-allow-origin * access-control-expose-headers Date access-control-max-age 300 date Mon, 13 Jan 2025 21:35:04 GMT strict-transport-security max-age=31536000; includeSubDomains
POST H2	202	62472e1d7b765b1471f2c14e Show response events.launchdarkly.com/events/bulk/	0 358 B	67ms 66ms	XHR application/json	3.219.189.64 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/bulk/62472e1d7b765b1471f2c14e Requested by Host: d3331otr86r7j1.cloudfront.net URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/scripts/ldclient:3.1.4.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 3.219.189.64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-219-189-64.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers X-LaunchDarkly-Event-Schema 4 Referer https://sofi-us-dev-1.previews.prod.auth0users.com/ X-LaunchDarkly-Payload-ID 40544800-d1f6-11ef-abc2-3d57344c1f28 X-LaunchDarkly-User-Agent JSClient/3.1.4 Content-Type application/json User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 300 access-control-expose-headers Date access-control-allow-methods POST,OPTIONS access-control-allow-origin * content-length 0 date Mon, 13 Jan 2025 21:35:04 GMT content-type application/json access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SoFi (Financial)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| c string| imageSrc function| isWebview object| DD_RUM object| LDClient function| N1Hj6 number| e_aGgc function| V8a$PY function| M_ixD function| E1vv object| platform object| GcHtml5 function| getLaunchDarklyKey function| getBrowserCookie function| getOptimizelyVariation function| getGeoComplyLicenseKey function| setGeoComplyResponseToRedis function| getGeoComplyResponse function| getCloudflareIP object| root number| u3Vbip function| D2Cqe function| O_g4j_ object| FAAS function| B1Qi0 function| k6kk object| FAAS_RUM object| GCFP

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sofi-us-dev-1.previews.prod.auth0users.com/	1970-01-21 11:12:20	Name: dcdd218e08cf151d113eb4b0a7bebd11d0f5821ef82424f966adbfce5971964c Value: /LnM9asgieZSmuFv7FujF/fma2NxkSWXFQt0TrHE7CfIyhLmF31ssyyzKPBcxcYTE10utFThiU+avO6PR8P1rHjTJkPLfgsdF4qmihvJ.wnh&iPfo^IwOfNwZF$wjX9)BDbBpz9C#.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/%7B%7B%20COOKIELAW_URL%20%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/$%7Bbase_url%7D/logn-backend/assets/clear Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/%7B%7B%20back_arrow_icon%20%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Message: Refused to execute script from 'https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/%7B%7B%20COOKIELAW_URL%20%7D%7D' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
rendering	warning	URL: https://sofi-us-dev-1.previews.prod.auth0users.com/previews/pi/sofi-sit/login?client=cOHFnejJDe2YBoDhtE3MjtAAjfkRss3z Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D00EC350000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://sofi-us-dev-1.previews.prod.auth0users.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10368000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
cdn.geocomply.com
d25w3v87zu4vev.cloudfront.net
d32ijn7u0aqfv4.cloudfront.net
d3331otr86r7j1.cloudfront.net
events.launchdarkly.com
fontmetrics.net
sofi-us-dev-1.previews.prod.auth0users.com
www.cloudflare.com
www.datadoghq-browser-agent.com
108.138.77.209
151.101.130.217
18.67.79.109
2600:9000:2073:4600:19:f7cc:81c0:21
2600:9000:27ce:d200:10:8d:3740:21
2606:4700:4400::6812:24ba
2606:4700::6810:7c60
3.162.101.168
3.219.189.64
34.223.230.84
073c5ddf92e8c406fe7cb7a7b800a341619345f566afaa9e7a4bc2ab47aba61b
2a0511033e7b70d5f652a7307631e98853ab8436351e8afb9d7790d8881faa01
4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
810ea3ceea2460b2d2ff12414ffca3fd8a654ea382b202f300ded36a9231e2eb
86bb6a1fe8c41c3bcb8a7ff89233d87e96e2c091903add96e34ae38c3237df89
b1791ad59a04992e2bc66c271d5d3871c6278d585f90acad0b528db19cb75f38
b8408490d500a88236cd3f841ca16627b4199a192a42cb25f9ea3336cad3d5cc
b9a27411d3a996bbb09ba437ba2339c2b5a93647258c5391d90821d980919707
be88542bc94765d005d79ae6d6119cdf5ac312260acee2a1d9cccb577d0e14ba
cc105ba3d64570704f50d65dd426d9d7aa840703165e3dbf929427a876e278db
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
df3cba7d13c14e44c7af2bd10bca2e938cd47a34ede78e8fba32f7f20d004094
e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaafe0076ea94d1e8cbdcbb1adc8633fec1054103952d1b9239d593cc725e81a
f2d60e028a05cec1e6adcbfbdec065a6e5453f4c037bbc1a6c7bd9f5676ae99b
fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a