www.figure.com Open in urlscan Pro
34.160.235.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.figure.com/login
Submission: On May 31 via manual (May 31st 2023, 9:09:29 am UTC) from GB — Scanned from GB

Summary HTTP 86 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 23 domains to perform 86 HTTP transactions. The main IP is 34.160.235.105, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.figure.com. The Cisco Umbrella rank of the primary domain is 698527.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 24th 2022. Valid for: a year.

This is the only time www.figure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	34.160.235.105 34.160.235.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.163.78.87 35.163.78.87	16509 (AMAZON-02) (AMAZON-02)
1	41.63.96.2 41.63.96.2	22822 (LLNW) (LLNW)
1	44.209.137.118 44.209.137.118	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:1ec:4f:1... 2620:1ec:4f:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.71.37.165 52.71.37.165	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.173.192.218 54.173.192.218	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:224... 2600:9000:2240:d200:a:b27c:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:8000:0:cc59:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.71.121.170 52.71.121.170	14618 (AMAZON-AES) (AMAZON-AES)
2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	3.69.229.111 3.69.229.111	16509 (AMAZON-02) (AMAZON-02)
2	35.81.173.170 35.81.173.170	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.81.162.201 35.81.162.201	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
86	35

6 34.160.235.105 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.235.160.34.bc.googleusercontent.com

www.figure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

9697935.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.163.78.87 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-78-87.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 41.63.96.2 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-2.hhn.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.137.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-118.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4f:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lwjs.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.71.37.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-37-165.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.192.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-192-218.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:d200:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8000:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.121.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-121-170.compute-1.amazonaws.com

52.71.121.170	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.229.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-229-111.eu-central-1.compute.amazonaws.com

api.ipdata.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.81.173.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-173-170.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lwpixel.azurefd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-162-201.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	gstatic.com fonts.gstatic.com www.gstatic.com	439 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	48 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 1873 rs.fullstory.com — Cisco Umbrella Rank: 1835	75 KB
6	figure.com www.figure.com — Cisco Umbrella Rank: 698527	1 MB
5	doubleclick.net 1 redirects 9697935.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	3 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2813	7 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 5834 px.mountain.com — Cisco Umbrella Rank: 5980 gs.mountain.com — Cisco Umbrella Rank: 11382	9 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	90 KB
3	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3222	625 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 343	13 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306 insight.adsrvr.org — Cisco Umbrella Rank: 522	526 B
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3357	267 B
2	chtbl.com ext.chtbl.com — Cisco Umbrella Rank: 19498 web.chtbl.com — Cisco Umbrella Rank: 19411	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	239 B
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6143 flask.nextdoor.com — Cisco Umbrella Rank: 5889	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	187 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	92 KB
1	azurefd.net lwpixel.azurefd.net — Cisco Umbrella Rank: 120719	253 B
1	ipdata.co api.ipdata.co — Cisco Umbrella Rank: 34177	1 KB
1	ipredictive.com ad.ipredictive.com — Cisco Umbrella Rank: 5395	327 B
1	azureedge.net lwjs.azureedge.net — Cisco Umbrella Rank: 147430	1 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9027	2 KB
86	23

	Domain	Requested by
8	www.google-analytics.com	www.googletagmanager.com www.figure.com edge.fullstory.com
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	www.google.com	www.figure.com www.gstatic.com www.google.com
6	www.figure.com	www.figure.com
4	rs.fullstory.com	edge.fullstory.com
4	tags.srv.stackadapt.com	www.figure.com tags.srv.stackadapt.com edge.fullstory.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
4	www.gstatic.com	www.google.com www.gstatic.com
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google.co.uk	www.figure.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.figure.com
2	px.mountain.com	dx.mountain.com www.figure.com
2	pixel.sitescout.com	www.figure.com
2	stats.g.doubleclick.net	www.google-analytics.com edge.fullstory.com
2	www.facebook.com	www.figure.com
2	9697935.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	edge.fullstory.com	www.figure.com edge.fullstory.com
2	www.googletagmanager.com	www.figure.com www.googletagmanager.com
2	fonts.googleapis.com	www.figure.com
1	insight.adsrvr.org
1	match.adsrvr.org
1	gs.mountain.com	www.figure.com
1	lwpixel.azurefd.net
1	api.ipdata.co	edge.fullstory.com
1	flask.nextdoor.com	www.figure.com
1	web.chtbl.com	edge.fullstory.com
1	adservice.google.com	9697935.fls.doubleclick.net
1	ext.chtbl.com	www.figure.com
1	ad.ipredictive.com	www.figure.com
1	lwjs.azureedge.net	www.googletagmanager.com
1	dx.mountain.com	www.figure.com
1	up.pixel.ad	www.googletagmanager.com
1	ads.nextdoor.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
86	34

This site contains links to these domains. Also see Links.

Domain
www.nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
*.figure.com Go Daddy Secure Certificate Authority - G2	`2022-11-24` - `2023-12-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-09` - `2023-06-07`	3 months	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.pixel.ad GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-24` - `2024-02-02`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2022-05-21` - `2023-06-22`	a year	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2023-04-20` - `2024-04-14`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
*.ipredictive.com Amazon RSA 2048 M02	`2023-03-14` - `2024-04-11`	a year	crt.sh
ext.chtbl.com Amazon RSA 2048 M01	`2023-02-23` - `2023-12-22`	10 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-05-21` - `2023-08-19`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
web.chtbl.com Amazon RSA 2048 M02	`2023-02-21` - `2024-01-28`	a year	crt.sh
52.71.121.170 Sectigo RSA Domain Validation Secure Server CA	`2023-02-12` - `2024-02-12`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
api.ipdata.co Amazon RSA 2048 M01	`2023-02-13` - `2023-11-20`	9 months	crt.sh
*.google.co.uk GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.azurefd.net Microsoft Azure TLS Issuing CA 02	`2023-05-21` - `2024-05-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.figure.com/login
Frame ID: E8287EC635541FDD3D0C115C739DB9E7
Requests: 74 HTTP requests in this frame

Frame: https://9697935.fls.doubleclick.net/activityi;dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20to%20your%20Figure%20account;u3=;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.figure.com%2Flogin
Frame ID: DFA76AFE53F8C1CFD3FEDF57BE1E3DF6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfXiDAkAAAAADQBQfWhpvkTQGf_h1cmAdalgufQ&co=aHR0cHM6Ly93d3cuZmlndXJlLmNvbTo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=5qqv4wt9o2zn
Frame ID: 45F475E6D5BC75F432BABFAE48EE979C
Requests: 8 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: CE1DD7DACB639C70543D6FEC94188799
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login to your Figure accountFigure Logo

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

86
Requests

99 %
HTTPS

53 %
IPv6

23
Domains

34
Subdomains

35
IPs

3
Countries

2456 kB
Transfer

4230 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nmlsconsumeraccess.org/EntityDetails.aspx/COMPANY/1717824
Title: NMLS #1717824 - NMLSCONSUMERACCESS.ORG Opens a new window

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://9697935.fls.doubleclick.net/activityi;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20to%20your%20Figure%20account;u3=;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.figure.com%2Flogin HTTP 302
https://9697935.fls.doubleclick.net/activityi;dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20to%20your%20Figure%20account;u3=;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.figure.com%2Flogin

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
www.figure.com/ 4 KB
5 KB 226ms
133ms Document
text/html 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

nginx/1.23.1 /

Resource Hash

96d06a09b464dd94c7cdc52e2795350a816a9111ae24a93b4a5763ad58803c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
content-length: 4605
content-type: text/html; charset=UTF-8
date: Wed, 31 May 2023 09:09:22 GMT
etag: "6470f479-11fd"
last-modified: Fri, 26 May 2023 18:03:37 GMT
pragma: no-cache
referrer-policy: origin
server: nginx/1.23.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
via: kong/2.8.3, 1.1 google
x-content-type-options: nosniff
x-kong-proxy-latency: 6
x-kong-upstream-latency: 2
x-xss-protection: 1; mode=block;

GET
H2 200 css
fonts.googleapis.com/ 224 KB
53 KB 156ms
62ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gothic+A1:400,500,600,700|Poppins:400,500,600,700|Montserrat:400

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a46f83780c75d3e9af0f90a1cf76fb9d42b249dd131803d1802138002be42c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 09:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 09:09:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 09:09:22 GMT

GET
H2 200 2.5f7ad4ef.chunk.js Show response
www.figure.com/login/static/js/ 1 MB
1 MB 141ms
140ms Script
application/javascript 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/login/static/js/2.5f7ad4ef.chunk.js

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

nginx/1.23.1 /

Resource Hash

dbb32ba47fef391c4553edcb4296dfa58159fde054a99a979cfddce9bb82676c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: kong/2.8.3, 1.1 google
x-kong-proxy-latency: 9
x-kong-upstream-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354153
x-xss-protection: 1; mode=block;
referrer-policy: origin
last-modified: Fri, 26 May 2023 18:03:37 GMT
server: nginx/1.23.1
etag: "6470f479-14a9a9"
vary: Origin
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 main.5af8fb31.chunk.js Show response
www.figure.com/login/static/js/ 58 KB
59 KB 137ms
136ms Script
application/javascript 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/login/static/js/main.5af8fb31.chunk.js

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

nginx/1.23.1 /

Resource Hash

f8d723cd054f1d80488e48f7ea85d4c4661bc20fea3cbd5ed9beb233c311cb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: kong/2.8.3, 1.1 google
x-kong-proxy-latency: 8
x-kong-upstream-latency: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59774
x-xss-protection: 1; mode=block;
referrer-policy: origin
last-modified: Fri, 26 May 2023 18:03:37 GMT
server: nginx/1.23.1
etag: "6470f479-e97e"
vary: Origin
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 164 KB
39 KB 62ms
62ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gothic+A1:400,500,700|Poppins:700

Requested by

Host: www.figure.com
URL: https://www.figure.com/login/static/js/2.5f7ad4ef.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e9a6c2836a404c274d2fe8efb8222822749babac8dc792f0619bcc78fdb73cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 09:09:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 09:09:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 344 KB
100 KB 168ms
76ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aebc64914c242b037e90dfca4f615df46819a3684f28f9bcf02301f3492caa2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 May 2023 09:09:23 GMT

GET
H2 200 CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.119.woff2
fonts.gstatic.com/s/gothica1/v13/ 9 KB
9 KB 157ms
57ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic+A1:400,500,600,700|Poppins:400,500,600,700|Montserrat:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2ef1fb8e14731044ec0ef5180e4252ce4620bab1fa108ce11907f64db95a8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.figure.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:06:47 GMT
x-content-type-options: nosniff
age: 61356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9340
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:27:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 16:06:47 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 186ms
86ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic+A1:400,500,600,700|Poppins:400,500,600,700|Montserrat:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.figure.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:41:35 GMT
x-content-type-options: nosniff
age: 322068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 15:41:35 GMT

GET
H2 200 CSR44z5ZnPydRjlCCwlCmOQKTZFstupOfBjNSl5zPnvB_dOjwqCu.119.woff2
fonts.gstatic.com/s/gothica1/v13/ 9 KB
9 KB 194ms
94ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR44z5ZnPydRjlCCwlCmOQKTZFstupOfBjNSl5zPnvB_dOjwqCu.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic+A1:400,500,600,700|Poppins:400,500,600,700|Montserrat:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

817f2e5090a74d4714cb6113f70a040bb74887aa599107070f0df668fe4219ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.figure.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 12:39:31 GMT
x-content-type-options: nosniff
age: 332992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9384
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:36:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 12:39:31 GMT

GET
H2 200 CSR44z5ZnPydRjlCCwlCmOQKTZFstupOfBjNSl5zPnvB_dOjwqCu.118.woff2
fonts.gstatic.com/s/gothica1/v13/ 9 KB
10 KB 126ms
43ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR44z5ZnPydRjlCCwlCmOQKTZFstupOfBjNSl5zPnvB_dOjwqCu.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic+A1:400,500,600,700|Poppins:400,500,600,700|Montserrat:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8622f68d6b93f413e46b5782b97f26cbec2369eeba3732b4c08b6073dae92db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.figure.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 09:56:16 GMT
x-content-type-options: nosniff
age: 342787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9444
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:37:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 09:56:16 GMT

GET
H2 200 CSR44z5ZnPydRjlCCwlCmOQKTZFstupOfBjNSl5zPnvB_dOjwqCu.117.woff2
fonts.gstatic.com/s/gothica1/v13/ 10 KB
10 KB 131ms
49ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR44z5ZnPydRjlCCwlCmOQKTZFstupOfBjNSl5zPnvB_dOjwqCu.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic+A1:400,500,600,700|Poppins:400,500,600,700|Montserrat:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12d55b65c250c09750d5d84ffd964e314678b3768df7647065f4e63b12fae98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.figure.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 16:12:25 GMT
x-content-type-options: nosniff
age: 320218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9816
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:27:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 16:12:25 GMT

GET
H2 200 CSR44z5ZnPydRjlCCwlCmOQKTZFstupOfBjNSl5zPnvB_dOjwqCu.115.woff2
fonts.gstatic.com/s/gothica1/v13/ 11 KB
11 KB 182ms
100ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR44z5ZnPydRjlCCwlCmOQKTZFstupOfBjNSl5zPnvB_dOjwqCu.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic+A1:400,500,600,700|Poppins:400,500,600,700|Montserrat:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbbf534072e1e33a6630c3c0a83a2767372959295f0aac92265d3b97f1f070d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.figure.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 23:16:13 GMT
x-content-type-options: nosniff
age: 294790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11004
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:27:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 23:16:13 GMT

GET
H3 200 7.d55ae28d.chunk.js Show response
www.figure.com/login/static/js/ 68 KB
68 KB 134ms
133ms Script
application/javascript 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/login/static/js/7.d55ae28d.chunk.js

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

nginx/1.23.1 /

Resource Hash

c89c2ab608bb75738eebdbefce20d21939d351abd1c204f1d6b6b4d336f88363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: kong/2.8.3, 1.1 google
x-kong-proxy-latency: 5
x-kong-upstream-latency: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69701
x-xss-protection: 1; mode=block;
referrer-policy: origin
last-modified: Fri, 26 May 2023 18:03:37 GMT
server: nginx/1.23.1
etag: "6470f479-11045"
vary: Origin
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub
access-control-allow-credentials: true
accept-ranges: bytes

GET
H3 200 wl-info Show response
www.figure.com/processor-underwriting/public/api/v1/ 325 B
346 B 137ms
136ms XHR
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/processor-underwriting/public/api/v1/wl-info?org=FIGURE

Requested by

Host: www.figure.com
URL: https://www.figure.com/login/static/js/2.5f7ad4ef.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

62a7f18e33451b67c84d01980ddcf39d0f475f79fbb2208b679d33c5fa9f4f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: origin
via: kong/2.8.3, 1.1 google
x-kong-proxy-latency: 7
vary: Origin
content-type: application/json
x-kong-upstream-latency: 4
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block;

POST
H3 200 session Show response
www.figure.com/ft/external/ 176 B
198 B 140ms
140ms XHR
application/json 34.160.235.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.figure.com/ft/external/session

Requested by

Host: www.figure.com
URL: https://www.figure.com/login/static/js/2.5f7ad4ef.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.235.105 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

105.235.160.34.bc.googleusercontent.com

Software

Resource Hash

9ade3d15a2a21dfb1e6dbda91e0daef0a95ffd97646e1c2edfc72461840b768a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json
Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: origin
via: kong/2.8.3, 1.1 google
x-kong-proxy-latency: 7
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.figure.com
x-kong-upstream-latency: 8
access-control-expose-headers: x-uuid,x-roles,x-groups,x-accomplishments,Authorization,Content-Type,x-with-origin,Origin,x-org,x-3pv-access-code,x-figure-auth,x-addr,x-grp,x-pub
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block;

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
936 B 152ms
58ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LfXiDAkAAAAADQBQfWhpvkTQGf_h1cmAdalgufQ

Requested by

Host: www.figure.com
URL: https://www.figure.com/login/static/js/2.5f7ad4ef.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32a9fa25622b017e50f8f5c34e1bee3b5b7e9eeed9c94693aebf3d91c5d6e5b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616
x-xss-protection: 1; mode=block
expires: Wed, 31 May 2023 09:09:23 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
67 KB 104ms
30ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.figure.com
URL: https://www.figure.com/login/static/js/2.5f7ad4ef.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d2ab7f053de5298301569b9ec31a75ce0e44376c20679a6de86f4b0a3792cab0

Request headers

Referer: https://www.figure.com/
Origin: https://www.figure.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 08:36:19 GMT
content-encoding: br
age: 1984
x-guploader-uploadid: ADPycduvRKqerlbHoLNTkIMJa6tHz-p-Ld5VanO0XHPdAWSdKJmxj7oK_oDL_kstn2hXkIiAgALNGr4hCoiwiXJ8vw-Bmz4wcoMO
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68118
last-modified: Thu, 11 May 2023 15:33:52 GMT
server: UploadServer
etag: "c19483b0b9afddcaa69b18fdfec2409d"
vary: Accept-Encoding
x-goog-generation: 1683819232008518
x-goog-hash: crc32c=P9KeFg==, md5=wZSDsLmv3cqmmxj9/sJAnQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68118
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 31 May 2023 09:36:19 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ 407 KB
163 KB 147ms
46ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LfXiDAkAAAAADQBQfWhpvkTQGf_h1cmAdalgufQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.figure.com/
Origin: https://www.figure.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 07:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166449
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 07:02:47 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/14DPH6/v1/ 14 KB
3 KB 119ms
118ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/14DPH6/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a90891e89be86742808111298c2a8e1282b795410004eeb87681993c2ed2e26a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycduy8Buk4ShrDsmg6Qw878CIUuiwQmsbF1ybZBG6_WaG3M7ksrFApmuMCOZz-YBF0lxdmZ5YzFihVrBDt7wqiV-Dtw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
last-modified: Wed, 31 May 2023 09:03:54 GMT
server: UploadServer
etag: "0886ee4721f3a05435a48552c61f33e5"
x-goog-generation: 1685378634505723
x-goog-hash: crc32c=oBxdXA==, md5=CIbuRyHzoFQ1pIVSxh8z5Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 2334
accept-ranges: bytes
content-type: application/json
expires: Wed, 31 May 2023 09:24:23 GMT

GET
H2

200

activityi;dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20t... Show response
9697935.fls.doubleclick.net/ Frame DFA7
Redirect Chain

https://9697935.fls.doubleclick.net/activityi;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%2...
https://9697935.fls.doubleclick.net/activityi;dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2...

533 B
621 B

82ms
81ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9697935.fls.doubleclick.net/activityi;dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20to%20your%20Figure%20account;u3=;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.figure.com%2Flogin?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

5ff25042e6c9d7e25226905f6338fa7a9964b1dc1c4694a186759b22353c2f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.figure.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 283
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 09:09:23 GMT
expires: Wed, 31 May 2023 09:09:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 09:09:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9697935.fls.doubleclick.net/activityi;dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20to%20your%20Figure%20account;u3=;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.figure.com%2Flogin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 143ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 May 2023 08:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2029
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 31 May 2023 10:35:34 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726592927/ 3 KB
2 KB 188ms
88ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726592927/?random=1685524163431&cv=11&fst=1685524163431&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.figure.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20to%20your%20Figure%20account&auid=1029763495.1685524163&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

287918d8ea6577268290a63cd4d73ecfc7b57116fc4166c165701049bdd7a899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 135ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 31 May 2023 09:09:22 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93744612E6A84EF4B94BB14F00D550DF Ref B: LTSEDGE0819 Ref C: 2023-05-31T09:09:23Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 154ms
34ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64d713537c6a5e114e01efb5143507e2617ed78662d1b119cd0c693731dc374e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 31 May 2023 09:09:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27502
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5VondTdYedA36OgyqhTdFBDirjMpPqaWhYeMfmrjECyx9ZbMTZdfnIJ3V3J4OVktcl7bwVemR1+A9YPKkpFgTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 615ms
194ms Script
application/javascript 35.163.78.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.78.87 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-78-87.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Tue, 30 May 2023 19:06:43 GMT
server: istio-envoy
etag: W/"64764943-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 2

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 188ms
50ms Script
application/javascript 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-41-63-96-2.hhn.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 520932
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: e76cef2d0e1fc940f43402c3f368065e

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 16 KB
5 KB 617ms
125ms Script
application/javascript 44.209.137.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32590&tdr=&plh=https%3A%2F%2Fwww.figure.com%2Flogin&cb=60839026537002860term=value
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.137.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-137-118.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 0735451500c28d99aaa699b440b995633d4516c9b577a83e60e12ec6cb5f05b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 2
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 figurev3.js Show response
lwjs.azureedge.net/cjs/ 3 KB
1 KB 189ms
49ms Script
text/javascript 2620:1ec:4f:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lwjs.azureedge.net/cjs/figurev3.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ccf2dc3eeda1c3840c92f1e7ec7ee0a16afbca78a98895cd7c96b68cc20890af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: br
last-modified: Fri, 17 Mar 2023 19:56:30 GMT
vary: Accept-Encoding
x-azure-ref: 20230531T090923Z-u5nmp6g5pp4ax5t7fua0nqyf2400000003e00000000030ew
content-type: text/javascript
x-ms-request-id: 08c5bf0f-a01e-007f-0837-932f65000000
x-cache: TCP_REMOTE_HIT
x-ms-version: 2009-09-19

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 364ms
120ms Script
text/javascript 52.71.37.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.37.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-37-165.compute-1.amazonaws.com
Software: /
Resource Hash: 32a0863b57377a00206e50f211e03d6aedad028795eb5e4ec06b89b6cb8c1343

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 31 May 2023 09:09:23 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
86 KB 73ms
68ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GDR4NE627G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DBZZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd03f8012f35b0992a36ce31833184137ed6fd3be0e466e54d79edca1ceda9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 May 2023 09:09:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 135ms
42ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=172100066969171&ev=PageView&ud[em]=&ud[fn]=&ud[ln]=&ud[zp]=&cd[value]=0.00&cd[currency]=USD

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 31 May 2023 09:09:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK event
ad.ipredictive.com/d/track/ 0
327 B 485ms
118ms Image
text/plain 54.173.192.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/track/event?upid=104845&url=https%3A%2F%2Fwww.figure.com%2Flogin&cache_buster=[timestamp]&ps=2
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.192.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-192-218.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 31 May 2023 09:09:23 GMT
Connection: keep-alive
X-CI-RTID: ad76c055-60d6-46ac-8638-5cb982e11287
Content-Length: 0

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 209ms
44ms Script
application/javascript 2600:9000:2240:d200:a:b27c:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:d200:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 08:22:49 GMT
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 2794
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: U_8AaPy_Aqj9_4bL-G6ctbJDZYz-ek64rZJkW3hsAWgVdNONLMMXCg==

POST
H2 200 page Show response
rs.fullstory.com/rec/ 15 KB
3 KB 344ms
257ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c19eb38c97589f51122385b03946cacda4940c2369d1483fa3339aa404e7bd6b

Request headers

Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.figure.com
date: Wed, 31 May 2023 09:09:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 45F4 50 KB
27 KB 91ms
90ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfXiDAkAAAAADQBQfWhpvkTQGf_h1cmAdalgufQ&co=aHR0cHM6Ly93d3cuZmlndXJlLmNvbTo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=5qqv4wt9o2zn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1284ee7022cc0b1c1e26d1d441f26064d32d149bf88b0f8e5f56c44c84ad5b31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--MNagnPjh6l6HwUwBk8_og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.figure.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27632
content-security-policy: script-src 'report-sample' 'nonce--MNagnPjh6l6HwUwBk8_og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 09:09:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
352 B 109ms
36ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-116189000-1&cid=1525371361.1685524164&jid=1196099711&gjid=805279292&_gid=183807380.1685524164&_u=YGBAgEABAAAAAEAAI~&z=1559853416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 31 May 2023 09:09:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.figure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 43ms
41ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1989501772&t=pageview&_s=1&dl=https%3A%2F%2Fwww.figure.com%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20your%20Figure%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=1196099711&gjid=805279292&cid=1525371361.1685524164&tid=UA-116189000-1&_gid=183807380.1685524164&gtm=45He35o0n81K6DBZZC&cd1=&cd2=&cd4=&z=750702019

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 11:09:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79184
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 44ms
42ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1989501772&t=pageview&_s=1&dl=https%3A%2F%2Fwww.figure.com%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20your%20Figure%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAEAAI~&jid=&gjid=&cid=1525371361.1685524164&tid=UA-116189000-1&_gid=183807380.1685524164&gtm=45He35o0n81K6DBZZC&cd1=&cd2=&cd4=&cd6=1685524163439.sh5s1ane&cd7=1685524163&z=2003838544

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 11:09:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79184
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/726592927/ 42 B
314 B 58ms
58ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726592927/?random=1685524163431&cv=11&fst=1685523600000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.figure.com%2Flogin&frm=0&tiba=Login%20to%20your%20Figure%20account&fmt=3&is_vtc=1&random=583817247&rmt_tld=0&ipr=y

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/726592927/ 42 B
455 B 147ms
53ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/726592927/?random=1685524163431&cv=11&fst=1685523600000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.figure.com%2Flogin&frm=0&tiba=Login%20to%20your%20Figure%20account&fmt=3&is_vtc=1&random=583817247&rmt_tld=1&ipr=y

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25071839.js Show response
bat.bing.com/p/action/ 0
117 B 120ms
120ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25071839.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 31 May 2023 09:09:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B4A4A0320D54405A1E096D8F6033BDA Ref B: LTSEDGE0819 Ref C: 2023-05-31T09:09:23Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 45ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25071839&tm=gtm002&Ver=2&mid=1c2f214c-f193-473e-b818-d5f2bd30a406&sid=d5e09050ff9211ed9dbc7f8e6b1c4218&vid=d5e0b490ff9211eda6995564aa3f9810&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Login%20to%20your%20Figure%20account&p=https%3A%2F%2Fwww.figure.com%2Flogin&r=&lt=1019&evt=pageLoad&sv=1&rn=790627

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 31 May 2023 09:09:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8D14F4AE22543739074DB1149602C3F Ref B: LTSEDGE0819 Ref C: 2023-05-31T09:09:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 113ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GDR4NE627G&gtm=45je35o0&_p=1989501772&cid=1525371361.1685524164&ul=en-us&_geo=1&_rdi=1&ngs=1&_s=1&sid=1685524163&sct=1&seg=0&dl=https%3A%2F%2Fwww.figure.com%2Flogin&dt=Login%20to%20your%20Figure%20account&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GDR4NE627G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.figure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 47ms
47ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 31 May 2023 09:09:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xPKxv63TM6XELY/XXnA/AdaQHO8nHFGXATBwzYoE3OeUKhDxWO1d8L2z8dRGnsDuOvM1S9isfrnDIsLAOPQSNQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 172100066969171 Show response
connect.facebook.net/signals/config/ 74 KB
20 KB 92ms
91ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/172100066969171?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7e5e9ea17c28a5940b54510535d0b08639dd0e47e8fa8eb557cba0a803050e3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 31 May 2023 09:09:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MkSkG6h9BYnk9S/gjx/1Bv1uTAbX0EFhoiFAAmTjX1J/v3/yK0q8tcEA2b7OHSOLPfJRIGk6u01kAr8k2QkWKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 45F4 55 KB
24 KB 136ms
44ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfXiDAkAAAAADQBQfWhpvkTQGf_h1cmAdalgufQ&co=aHR0cHM6Ly93d3cuZmlndXJlLmNvbTo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=5qqv4wt9o2zn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 14:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 14:10:08 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 45F4 407 KB
163 KB 162ms
70ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 07:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166449
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 07:02:47 GMT

GET
H2 200 dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=*;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20to%20your%20Figure%20account;u3...
adservice.google.com/ddm/fls/z/ Frame DFA7 42 B
401 B 185ms
83ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=*;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20to%20your%20Figure%20account;u3=;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.figure.com%2Flogin

Requested by

Host: 9697935.fls.doubleclick.net
URL: https://9697935.fls.doubleclick.net/activityi;dc_pre=COeooOian_8CFZZCwgodlZ0BHA;src=9697935;type=unive0;cat=unive00;ord=1;num=619087702864;gtm=45He35o0;auiddc=1029763495.1685524163;u1=https%3A%2F%2Fwww.figure.com%2Flogin;u2=Login%20to%20your%20Figure%20account;u3=;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.figure.com%2Flogin?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9697935.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 78ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GDR4NE627G&gtm=45je35o0&_p=1989501772&cid=1525371361.1685524164&ul=en-us&_geo=1&_rdi=1&ngs=1&_s=2&sid=1685524163&sct=1&seg=0&dl=https%3A%2F%2Fwww.figure.com%2Flogin&dt=Login%20to%20your%20Figure%20account&en=helocLightMode&ep.%22page_view%22=%22color_mode%22%3AhelocLightMode&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GDR4NE627G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.figure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-116189000-1&cid=1525371361.1685524164&jid=1196099711&_u=YGBAgEABAAAAAEAAI~&z=686016549

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 68ms
67ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-116189000-1&cid=1525371361.1685524164&jid=1196099711&_u=YGBAgEABAAAAAEAAI~&z=686016549

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 3 KB
3 KB 126ms
125ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=14DPH6
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

OPTIONS
H2 503 track
web.chtbl.com/ Frame 0
0 312ms
135ms Preflight
text/html 2600:9000:206f:8000:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8000:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.figure.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-length: 564
content-type: text/html
date: Wed, 31 May 2023 09:09:24 GMT
server: awselb/2.0
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-id: x7ASI7Gs0lcLYW9BWX_FlZzPOzY9Cin5b_KKSZqLeF21QKBdI_bhaw==
x-amz-cf-pop: FRA56-C1
x-cache: Error from cloudfront

POST track
web.chtbl.com/ 0
0

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 126ms
124ms Stylesheet
text/css 52.71.37.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.37.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-37-165.compute-1.amazonaws.com
Software: /
Resource Hash: e6f0be47ade50b73290ea314bc49a145de9efdf7e93d616a4ec405eadf5bbad0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 31 May 2023 09:09:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
793 B 364ms
117ms Fetch
image/jpeg 52.71.37.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.37.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-37-165.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 31 May 2023 09:09:24 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 71 KB
21 KB 47ms
47ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 31 May 2023 09:09:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: HIF0d/fYaFV+IryNLihJlG560QQ2nQrjZtx3Pl9r4k0Bjr++9hqVtsDByVfNp1rHc/kddhMb3wKf8QGVqzGLGA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 48ms
47ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=172100066969171&ev=PageView&dl=https%3A%2F%2Fwww.figure.com%2Flogin&rl=&if=false&ts=1685524164012&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1685524164011.1552594764&it=1685524163829&coo=false&tm=1&exp=a0&rqm=GET

Requested by

Host: www.figure.com
URL: https://www.figure.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 31 May 2023 09:09:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 pixel
flask.nextdoor.com/ 0
111 B 212ms
190ms Image
text/plain 35.163.78.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=fce269f0-dd22-4799-8a22-025cb6ce3504&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.figure.com%2Flogin&ndclid=&rf=&sem=&tm=1
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.78.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-78-87.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:24 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
context-id: 98f86bfd-9e1e-4f58-8a8b-416f1cd4f100

GET
H/1.1 200
OK is Show response
52.71.121.170/ 32 B
437 B 500ms
123ms Fetch
text/plain 52.71.121.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://52.71.121.170/is
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.71.121.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-121-170.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: ab6f0e3aa3350be94f64e63fcf7c6a070940da3e2b6774f333451077ae2b4d85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:24 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 45F4 2 KB
2 KB 46ms
46ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 296209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 03 Jun 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 45F4 15 KB
15 KB 44ms
42ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 21:40:32 GMT
x-content-type-options: nosniff
age: 127732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 May 2024 21:40:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 45F4 15 KB
15 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 296873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 22:41:31 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 45F4 102 B
134 B 70ms
70ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfXiDAkAAAAADQBQfWhpvkTQGf_h1cmAdalgufQ&co=aHR0cHM6Ly93d3cuZmlndXJlLmNvbTo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=5qqv4wt9o2zn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 31 May 2023 09:09:24 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame CE1D 0
0 136ms
39ms Document
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://www.figure.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Wed, 31 May 2023 09:09:23 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 200 902847708beb6f78
pixel.sitescout.com/up/ 43 B
267 B 138ms
41ms Image
image/gif 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/902847708beb6f78?cntr_url=https%3A%2F%2Fwww.figure.com%2Flogin
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:24 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 45F4 32 KB
18 KB 174ms
174ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6LfXiDAkAAAAADQBQfWhpvkTQGf_h1cmAdalgufQ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46920d646cfda1000cbb4d7135d614d03f19cc792eee800a0d8a6dc2e11e1b34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfXiDAkAAAAADQBQfWhpvkTQGf_h1cmAdalgufQ&co=aHR0cHM6Ly93d3cuZmlndXJlLmNvbTo0NDM.&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=5qqv4wt9o2zn
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 31 May 2023 09:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18805
x-xss-protection: 1; mode=block
expires: Wed, 31 May 2023 09:09:24 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
310 B 125ms
120ms XHR
text/plain 52.71.37.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=0nB45ca5WSXJ6nD7CxD8VA&is_js=true&landing_url=https%3A%2F%2Fwww.figure.com%2Flogin&t=Login%20to%20your%20Figure%20account&tip=zKTlj-qkyBP6rKRM0WuQJz8EEUcIfRSubj00tij5UXQ&host=https://www.figure.com&sa-user-id-v2=s%253Az6wdukrZUW97PxAj7jDsKtmKxGc.4Wa9rS6nlYUztTY2dm7LZDSHtNLXJ4BfHoy4yGxVskA&sa-user-id=s%253A0-cfac1dba-4ad9-516f-7b3f-1023ee30ec2a.VLZU8LUBdM6wPVtU08Mvrc6SsaqsD4eUYpva4FUEPPg
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.37.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-37-165.compute-1.amazonaws.com
Software: /
Resource Hash: e2fcf09a9fbdc315f0c24433d74cb746416cd13ea35f49436754ea9af7770313

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://www.figure.com
date: Wed, 31 May 2023 09:09:24 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 116
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
api.ipdata.co/ 2 KB
1 KB 190ms
84ms XHR
application/json 3.69.229.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipdata.co/?api-key=0d5e0d3777e6cc2db2201382a813b1ff31ee341af30f5e8473e8c4f2
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.229.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-229-111.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4db84992841eeabd52d0b00cb9dc89cbe45f67dab6a3daea6b157fefe42056aa

Request headers

Accept: application/response
Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:24 GMT
content-encoding: gzip
x-amzn-requestid: bb6a5c22-63f3-494b-8062-4edf58346316
x-amzn-trace-id: Root=1-64770ec4-43ebf37b2182684e2f16e1ff;Sampled=0;lineage=6421a650:0|a863b97f:0
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-apigw-id: Fx8-zEVvliAFRvw=
content-length: 725
access-control-allow-headers: Content-Type

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 50ms
49ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1989501772&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.figure.com%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20your%20Figure%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LWD&ea=Tracking&el=Cookie%20ID&ev=1525371361&_u=aHDAAEABAAAAAGAAI~&jid=901239446&gjid=54687968&cid=1525371361.1685524164&tid=UA-116189000-1&_gid=183807380.1685524164&_r=1&_slc=1&gtm=45He35o0n81K6DBZZC&cd1=&cd2=&cd4=&cd5=1525371361.1685524164&z=799749329

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.figure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 44ms
43ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1989501772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.figure.com%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20your%20Figure%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&el=%2Flogin&_u=aHDAAEABAAAAAGAAI~&jid=&gjid=&cid=1525371361.1685524164&tid=UA-116189000-1&_gid=183807380.1685524164&gtm=45He35o0n81K6DBZZC&cd1=&cd2=&cd4=&z=1372362167

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 20:59:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43781
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
47ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1989501772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.figure.com%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20your%20Figure%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50%25&el=%2Flogin&_u=aHDAAEABAAAAAGAAI~&jid=&gjid=&cid=1525371361.1685524164&tid=UA-116189000-1&_gid=183807380.1685524164&gtm=45He35o0n81K6DBZZC&cd1=&cd2=&cd4=&z=292498421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 20:59:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43781
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
47ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1989501772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.figure.com%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20your%20Figure%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75%25&el=%2Flogin&_u=aHDAAEABAAAAAGAAI~&jid=&gjid=&cid=1525371361.1685524164&tid=UA-116189000-1&_gid=183807380.1685524164&gtm=45He35o0n81K6DBZZC&cd1=&cd2=&cd4=&z=1770801697

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 20:59:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43781
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
48ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1989501772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.figure.com%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20your%20Figure%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=100%25&el=%2Flogin&_u=aHDAAEABAAAAAGAAI~&jid=&gjid=&cid=1525371361.1685524164&tid=UA-116189000-1&_gid=183807380.1685524164&gtm=45He35o0n81K6DBZZC&cd1=&cd2=&cd4=&z=210425656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 20:59:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43781
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 777ms
194ms Script
application/javascript 35.81.173.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-116189000-1%3BG-GDR4NE627G&ga_client_id=1525371361.1685524164&shpt=Login%20to%20your%20Figure%20account&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-116189000-1%3BG-GDR4NE627G%22%2C%22ga_client_id%22%3A%221525371361.1685524164%22%2C%22shpt%22%3A%22Login%20to%20your%20Figure%20account%22%2C%22dcm_cid%22%3A%221525371361.1685524164%22%2C%22dcm_gid%22%3A%22183807380.1685524164%22%2C%22mntnis%22%3A%22xIT5ffhZrRsCqUO49iE%2BTHy6M4boQbtB%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1525371361.1685524164&dcm_gid=183807380.1685524164&dxver=4.0.0&shaid=32590&plh=https%3A%2F%2Fwww.figure.com%2Flogin&cb=60839026537002860term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Csh_conversion%3DSHBLOCK
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32590&tdr=&plh=https%3A%2F%2Fwww.figure.com%2Flogin&cb=60839026537002860term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 6fc3d11fa34a6b425910f21e836620d2d0d4a22c509e3362bb2b042f7a1a1c9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:25 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
73 B 36ms
35ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-116189000-1&cid=1525371361.1685524164&jid=901239446&gjid=54687968&_gid=183807380.1685524164&_u=aHDAAEABAAAAAGAAI~&z=1787351224

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 31 May 2023 09:09:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.figure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-116189000-1&cid=1525371361.1685524164&jid=901239446&_u=aHDAAEABAAAAAGAAI~&z=253136078

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 68ms
67ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-116189000-1&cid=1525371361.1685524164&jid=901239446&_u=aHDAAEABAAAAAGAAI~&z=253136078

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
lwpixel.azurefd.net/t/v2/figurev3/ 33 B
253 B 524ms
366ms Image
image/gif 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lwpixel.azurefd.net/t/v2/figurev3/?c=1525371361.1685524164&d=1685524163439.sh5s1ane&y=1685524164689&z=55390379885669065000&i=217.138.196.103&j=business&k=M247%20Europe%20SRL&p=M32&q=0000110000&threats=100&trusts=0&proxys=100&vpns=100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bf7c178697d05163c48c177f5c58e49f7f08dfc6e618ddba632a45822ab5c051

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:25 GMT
x-azure-ref: 20230531T090925Z-9xyuehc869389c2yzyzg4qy1kg00000003eg000000008u1a
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 33

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 287ms
155ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=14DPH6&UserId=5340468977086464&SessionId=4651787949715456&PageId=3481151606021946791&Seq=1&PageStart=1685524163658&PrevBundleTime=0&LastActivity=863&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c13b0bfecabf0dca016ae7dd1ab337227f770184782f1a6410392a710d0e5ef4

Request headers

Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.figure.com
date: Wed, 31 May 2023 09:09:25 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 781ms
191ms Script
application/javascript 35.81.162.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 4ce74ea0e1f57a5ad01fc732889b11e20030a864303ef6b91a05cba684409462

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:26 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 5 KB
2 KB 587ms
206ms Script
application/javascript 35.81.173.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-116189000-1%3BG-GDR4NE627G&ga_client_id=1525371361.1685524164&shpt=Login%20to%20your%20Figure%20account&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-116189000-1%3BG-GDR4NE627G%22%2C%22ga_client_id%22%3A%221525371361.1685524164%22%2C%22shpt%22%3A%22Login%20to%20your%20Figure%20account%22%2C%22dcm_cid%22%3A%221525371361.1685524164%22%2C%22dcm_gid%22%3A%22183807380.1685524164%22%2C%22mntnis%22%3A%22xIT5ffhZrRsCqUO49iE%2BTHy6M4boQbtB%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1525371361.1685524164&dcm_gid=183807380.1685524164&dxver=4.0.0&shaid=32590&plh=https%3A%2F%2Fwww.figure.com%2Flogin&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Csh_conversion%3DSHBLOCK&cb=1685524165423506&shguid=7c68ef67-ae58-32ca-8636-5db4c067e8f5&shgts=1685524166212
Requested by: Host: www.figure.com
URL: https://www.figure.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 59a5995ee7a33c9bdbcd32f47664ff7a9cd2fb37ee81fc4e13c9e13fa4a189c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:09:26 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 15
connection: close

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 134ms
42ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=d6e89cc6-ff92-11ed-b2f5-eff1a61f8d12&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 31 May 2023 09:09:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 133ms
41ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=x0ueadr&ct=0:zuq6xv5&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 31 May 2023 09:09:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 43ms
42ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GDR4NE627G&gtm=45je35o0&_p=1989501772&cid=1525371361.1685524164&ul=en-us&_eu=AEA&_geo=1&_rdi=1&ngs=1&_s=3&sid=1685524163&sct=1&seg=0&dl=https%3A%2F%2Fwww.figure.com%2Flogin&dt=Login%20to%20your%20Figure%20account&en=scroll&epn.percent_scrolled=90&_et=26
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GDR4NE627G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.figure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 09:09:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.figure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 134ms
134ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=14DPH6&UserId=5340468977086464&SessionId=4651787949715456&PageId=3481151606021946791&Seq=2&PageStart=1685524163658&PrevBundleTime=1685524165126&LastActivity=4858&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c2c16d7df1acc1951dff7a48c5f250afe7b4a84e27a2dc6abe7f9ef74ee65871

Request headers

Referer: https://www.figure.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.figure.com
date: Wed, 31 May 2023 09:09:28 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.chtbl.com
URL: https://web.chtbl.com/track

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 16:31:16	Name: _GRECAPTCHA Value: 09ALyjir9eVaMLlLivyTyyZ3f63SAMiWGplWnvxhk3tfJTqTeOeurTWX_f3H_EqL7aduMK-sp2nFKPBddoOgtDE0U
.figure.com/	1970-01-20 14:21:40	Name: _gcl_au Value: 1.1.1029763495.1685524163
www.figure.com/	1970-01-20 12:22:08	Name: FPC Value: 9433de33-2928-4e80-929f-7894e6d04755
.figure.com/	1970-01-20 12:13:30	Name: _gid Value: GA1.2.183807380.1685524164
.figure.com/	1970-01-20 12:12:04	Name: _dc_gtm_UA-116189000-1 Value: 1
.figure.com/	1970-01-20 12:13:30	Name: _uetsid Value: d5e09050ff9211ed9dbc7f8e6b1c4218
.figure.com/	1970-01-20 21:33:40	Name: _uetvid Value: d5e0b490ff9211eda6995564aa3f9810
.bing.com/	1970-01-20 21:33:40	Name: MUID Value: 01C27267E4EA6E991FB86145E5116FA2
.doubleclick.net/	1970-01-20 21:33:40	Name: IDE Value: AHWqTUlPEaeLnulrWsftlrWUN6fKe9MhYnr-F7vjFlXbnSR7sIjfQ1ua3QDmBUE_80c
tags.srv.stackadapt.com/	1970-01-20 20:57:40	Name: sa-user-id Value: s%3A0-cfac1dba-4ad9-516f-7b3f-1023ee30ec2a.VLZU8LUBdM6wPVtU08Mvrc6SsaqsD4eUYpva4FUEPPg
tags.srv.stackadapt.com/	1970-01-20 20:57:40	Name: sa-user-id-v2 Value: s%3Az6wdukrZUW97PxAj7jDsKtmKxGc.4Wa9rS6nlYUztTY2dm7LZDSHtNLXJ4BfHoy4yGxVskA
.srv.stackadapt.com/	1970-01-20 20:57:40	Name: sa-user-id-v2 Value: s%3Az6wdukrZUW97PxAj7jDsKtmKxGc.4Wa9rS6nlYUztTY2dm7LZDSHtNLXJ4BfHoy4yGxVskA
.figure.com/	1970-01-20 21:48:04	Name: _ga_GDR4NE627G Value: GS1.1.1685524163.1.0.1685524163.0.0.0
.figure.com/	1970-01-20 20:57:40	Name: fs_uid Value: #14DPH6#5340468977086464:4651787949715456:::#/1717060163
www.figure.com/	1970-01-20 20:59:06	Name: _wchtbl_uid Value: 5fc68d34-e226-4e52-8e63-2fd32ba96ec6
www.figure.com/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: 44908444-02e6-4195-9061-21422887403e
www.figure.com/	1970-01-20 20:57:40	Name: sa-user-id Value: s%253A0-cfac1dba-4ad9-516f-7b3f-1023ee30ec2a.VLZU8LUBdM6wPVtU08Mvrc6SsaqsD4eUYpva4FUEPPg
www.figure.com/	1970-01-20 20:57:40	Name: sa-user-id-v2 Value: s%253Az6wdukrZUW97PxAj7jDsKtmKxGc.4Wa9rS6nlYUztTY2dm7LZDSHtNLXJ4BfHoy4yGxVskA
.figure.com/	1970-01-20 14:21:40	Name: _fbp Value: fb.1.1685524164011.1552594764
.ipredictive.com/	1970-01-20 20:57:40	Name: cu Value: 231c5f9f-decd-4269-b878-fd40f1b0bde8\|1685524163995
.figure.com/	1970-01-20 21:48:04	Name: _ga Value: GA1.2.1525371361.1685524164
.figure.com/	1970-01-20 12:12:04	Name: _gat_UA-116189000-1 Value: 1
.mountain.com/	1970-01-20 21:48:04	Name: guid Value: d6e89cc6-ff92-11ed-b2f5-eff1a61f8d12
.px.mountain.com/	1970-01-20 21:48:04	Name: tt Value: "H4sIAAAAAAAAAKtW8guKNzYytTSINzK3NFayMtBBErEwtgCLIHMNzSxMTY1MDM3MzC0sdJTKlKyMagH3gcaFRgAAAA=="
.mountain.com/	1970-01-20 21:48:04	Name: rt Value: "MzI1OTA6MTY4NTUyNDE2Ng=="

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.figure.com/login Message: Access to XMLHttpRequest at 'https://web.chtbl.com/track' from origin 'https://www.figure.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://web.chtbl.com/track Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9697935.fls.doubleclick.net
ad.ipredictive.com
ads.nextdoor.com
adservice.google.com
api.ipdata.co
bat.bing.com
connect.facebook.net
dx.mountain.com
edge.fullstory.com
ext.chtbl.com
flask.nextdoor.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gs.mountain.com
insight.adsrvr.org
lwjs.azureedge.net
lwpixel.azurefd.net
match.adsrvr.org
pixel.sitescout.com
px.mountain.com
region1.google-analytics.com
rs.fullstory.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
up.pixel.ad
web.chtbl.com
www.facebook.com
www.figure.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
web.chtbl.com
142.250.185.198
15.197.193.217
2001:4860:4802:32::36
2600:9000:206f:8000:0:cc59:3900:93a1
2600:9000:2240:d200:a:b27c:d040:93a1
2620:1ec:4e:1::44
2620:1ec:4f:1::44
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.69.229.111
34.160.235.105
35.163.78.87
35.186.194.58
35.201.112.186
35.81.162.201
35.81.173.170
41.63.96.2
44.209.137.118
52.223.40.198
52.71.121.170
52.71.37.165
54.173.192.218
98.98.134.243
0735451500c28d99aaa699b440b995633d4516c9b577a83e60e12ec6cb5f05b3
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
1284ee7022cc0b1c1e26d1d441f26064d32d149bf88b0f8e5f56c44c84ad5b31
12d55b65c250c09750d5d84ffd964e314678b3768df7647065f4e63b12fae98a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
287918d8ea6577268290a63cd4d73ecfc7b57116fc4166c165701049bdd7a899
32a0863b57377a00206e50f211e03d6aedad028795eb5e4ec06b89b6cb8c1343
32a9fa25622b017e50f8f5c34e1bee3b5b7e9eeed9c94693aebf3d91c5d6e5b7
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
46920d646cfda1000cbb4d7135d614d03f19cc792eee800a0d8a6dc2e11e1b34
4ce74ea0e1f57a5ad01fc732889b11e20030a864303ef6b91a05cba684409462
4db84992841eeabd52d0b00cb9dc89cbe45f67dab6a3daea6b157fefe42056aa
59a5995ee7a33c9bdbcd32f47664ff7a9cd2fb37ee81fc4e13c9e13fa4a189c0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e9a6c2836a404c274d2fe8efb8222822749babac8dc792f0619bcc78fdb73cb
5ff25042e6c9d7e25226905f6338fa7a9964b1dc1c4694a186759b22353c2f9f
62a7f18e33451b67c84d01980ddcf39d0f475f79fbb2208b679d33c5fa9f4f47
64d713537c6a5e114e01efb5143507e2617ed78662d1b119cd0c693731dc374e
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6fc3d11fa34a6b425910f21e836620d2d0d4a22c509e3362bb2b042f7a1a1c9e
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
817f2e5090a74d4714cb6113f70a040bb74887aa599107070f0df668fe4219ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96d06a09b464dd94c7cdc52e2795350a816a9111ae24a93b4a5763ad58803c20
9ade3d15a2a21dfb1e6dbda91e0daef0a95ffd97646e1c2edfc72461840b768a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
a46f83780c75d3e9af0f90a1cf76fb9d42b249dd131803d1802138002be42c3d
a90891e89be86742808111298c2a8e1282b795410004eeb87681993c2ed2e26a
ab6f0e3aa3350be94f64e63fcf7c6a070940da3e2b6774f333451077ae2b4d85
aebc64914c242b037e90dfca4f615df46819a3684f28f9bcf02301f3492caa2c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bf7c178697d05163c48c177f5c58e49f7f08dfc6e618ddba632a45822ab5c051
c13b0bfecabf0dca016ae7dd1ab337227f770184782f1a6410392a710d0e5ef4
c19eb38c97589f51122385b03946cacda4940c2369d1483fa3339aa404e7bd6b
c2c16d7df1acc1951dff7a48c5f250afe7b4a84e27a2dc6abe7f9ef74ee65871
c2ef1fb8e14731044ec0ef5180e4252ce4620bab1fa108ce11907f64db95a8c6
c7e5e9ea17c28a5940b54510535d0b08639dd0e47e8fa8eb557cba0a803050e3
c89c2ab608bb75738eebdbefce20d21939d351abd1c204f1d6b6b4d336f88363
ccf2dc3eeda1c3840c92f1e7ec7ee0a16afbca78a98895cd7c96b68cc20890af
d2ab7f053de5298301569b9ec31a75ce0e44376c20679a6de86f4b0a3792cab0
dbb32ba47fef391c4553edcb4296dfa58159fde054a99a979cfddce9bb82676c
dbbf534072e1e33a6630c3c0a83a2767372959295f0aac92265d3b97f1f070d0
dd03f8012f35b0992a36ce31833184137ed6fd3be0e466e54d79edca1ceda9fd
e2fcf09a9fbdc315f0c24433d74cb746416cd13ea35f49436754ea9af7770313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f0be47ade50b73290ea314bc49a145de9efdf7e93d616a4ec405eadf5bbad0
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8622f68d6b93f413e46b5782b97f26cbec2369eeba3732b4c08b6073dae92db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138
f8d723cd054f1d80488e48f7ea85d4c4661bc20fea3cbd5ed9beb233c311cb4a

www.figure.com Open in urlscan Pro 34.160.235.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

53 %IPv6

23 Domains

34 Subdomains

35 IPs

3 Countries

2456 kBTransfer

4230 kBSize

25 Cookies

1 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.figure.com Open in urlscan Pro
34.160.235.105 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

53 %
IPv6

23
Domains

34
Subdomains

35
IPs

3
Countries

2456 kB
Transfer

4230 kB
Size

25
Cookies

86 HTTP transactions
0 data transactions