www.figma.com Open in urlscan Pro
18.66.192.126  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	Primary Request WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 Show response www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/	71 KB 19 KB	291ms 264ms	Document text/html	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software / Resource Hash 0f3627692b33ace16539963461f81b990286b76fd351708e0d4b0623622768fc Security Headers Name Value Content-Security-Policy script-src 'unsafe-eval' 'nonce-1LfEmd0R05uHZbNTW4WXDw==' 'strict-dynamic' ; style-src 'self' 'unsafe-inline' https://www.figma.com/esbuild-artifacts/ https://fonts.googleapis.com/ https://accounts.google.com/gsi/style https://trello.com/power-ups/power-up.css https://p.trellocdn.com/power-up.css https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css ; worker-src 'self' blob: ; object-src 'none' ; base-uri 'self' ; frame-ancestors 'self' vscode-webview: vscode-file: , script-src 'self' https://www.figma.com/ 'unsafe-eval' 'unsafe-inline' https://admin.figma.com/admin/esbuild-artifacts/ https://figma-private-data.s3.us-west-2.amazonaws.com/esbuild-artifacts/ blob: https://accounts.google.com/gsi/client https://static.figma.com/fullscreen/ https://static.figma.com/uploads/539fd13ba437049b058e7e83fd54539c86878320 https://static.figma.com/uploads/0706b46bdc09a419282285b791ea1dd3c019ecd6 https://static.figma.com/scripts/ https://static.zdassets.com https://ekr.zdassets.com https://assets.zendesk.com/apps/sdk/2.0/zaf_sdk.js https://js.stripe.com https://trello.com/power-ups/power-up.min.js https://p.trellocdn.com/power-up.min.js https://statics.teams.cdn.office.net/sdk/v1.6.0/js/MicrosoftTeams.min.js https://alcdn.msauth.net/browser/2.21.0/js/msal-browser.min.js https://apis.google.com/ ; worker-src 'self' blob: Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-store content-encoding br content-security-policy script-src 'unsafe-eval' 'nonce-1LfEmd0R05uHZbNTW4WXDw==' 'strict-dynamic' ; style-src 'self' 'unsafe-inline' https://www.figma.com/esbuild-artifacts/ https://fonts.googleapis.com/ https://accounts.google.com/gsi/style https://trello.com/power-ups/power-up.css https://p.trellocdn.com/power-up.css https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css ; worker-src 'self' blob: ; object-src 'none' ; base-uri 'self' ; frame-ancestors 'self' vscode-webview: vscode-file: , script-src 'self' https://www.figma.com/ 'unsafe-eval' 'unsafe-inline' https://admin.figma.com/admin/esbuild-artifacts/ https://figma-private-data.s3.us-west-2.amazonaws.com/esbuild-artifacts/ blob: https://accounts.google.com/gsi/client https://static.figma.com/fullscreen/ https://static.figma.com/uploads/539fd13ba437049b058e7e83fd54539c86878320 https://static.figma.com/uploads/0706b46bdc09a419282285b791ea1dd3c019ecd6 https://static.figma.com/scripts/ https://static.zdassets.com https://ekr.zdassets.com https://assets.zendesk.com/apps/sdk/2.0/zaf_sdk.js https://js.stripe.com https://trello.com/power-ups/power-up.min.js https://p.trellocdn.com/power-up.min.js https://statics.teams.cdn.office.net/sdk/v1.6.0/js/MicrosoftTeams.min.js https://alcdn.msauth.net/browser/2.21.0/js/msal-browser.min.js https://apis.google.com/ ; worker-src 'self' blob: content-type text/html;charset=utf-8 date Thu, 25 May 2023 13:19:34 GMT referrer-policy origin-when-cross-origin report-to {"group":"default", "max_age":604800, "endpoints":[{"url":"https://www.figma.com/api/web_logger/browser_report?tsid=Eq0B0avILP6mg1NF"}], "include_subdomains":true} reporting-endpoints default="https://www.figma.com/api/web_logger/browser_report?tsid=Eq0B0avILP6mg1NF" strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront) x-amz-cf-id a6IPsk88mfEwb6L2t07SYMYTJiLiT5NQbOY1F32eQpDPzT9yp0Daww== x-amz-cf-pop MUC50-P1 x-cache Error from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	request_permissions.min.css.br www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/css/	426 KB 43 KB	10ms 8ms	Stylesheet text/css	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/css/request_permissions.min.css.br Requested by Host: www.figma.com URL: https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 4109c2663e3b3d22244c6aea88838eb19f37c9ee618b506005f6cd7caba41681 Request headers accept-language de-DE,de;q=0.9 Referer https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 21:43:33 GMT content-encoding br via 1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront) x-amz-version-id .dytPFZAdsEd3nvGrUaYGzU2NLxKaOi0 x-amz-cf-pop MUC50-P1 age 56163 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status FAILED alt-svc h3=":443"; ma=86400 content-length 43858 last-modified Wed, 24 May 2023 21:26:56 GMT server AmazonS3 etag "b8ac2c96e4fc12a0dceb7f7c4e5cd558" content-type text/css; charset=utf-8 cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id lvJa0gZo1XZMfRdpp43_RoQk_GLB0RVXTv-Y8ym_wdFQS5QRZcsVUw==
GET H2	200	request_permissions.min.js.br Show response www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/js/	2 MB 475 KB	15ms 14ms	Script application/javascript	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/js/request_permissions.min.js.br Requested by Host: www.figma.com URL: https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 202c6be40150fe303d081c278456583c776d7610a63d016e9da654bce895a931 Request headers Referer https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 Origin https://www.figma.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 21:43:36 GMT content-encoding br via 1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront) x-amz-version-id riJj0rFFwlFALG63hFd9mIUmd64BmLgo x-amz-cf-pop MUC50-P1 age 56160 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status FAILED alt-svc h3=":443"; ma=86400 content-length 484835 last-modified Wed, 24 May 2023 21:26:58 GMT server AmazonS3 etag "e55e451d408380446f212624aeee50a7" access-control-max-age 86400 access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 access-control-allow-origin https://www.figma.com cache-control max-age=31536000 access-control-allow-credentials true vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id L1qHgj07eGOJ37U04fUh3owQ1JlGaxrBCYV7vMDX7xIkOfVEUsxKtw==
GET H2	200	request_permissions.en.json.br www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/intl/	110 KB 24 KB	12ms 11ms	Other application/json	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/intl/request_permissions.en.json.br Requested by Host: www.figma.com URL: https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 515286f5d1a903bdb96e26ac36c4851cf64b026051648b65613e90a0cabf30fe Request headers Referer https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 Origin https://www.figma.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 21:43:30 GMT content-encoding br via 1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront) x-amz-version-id DqgP3D0MYKR8icXrGzLX6fWv.qiPyFxw x-amz-cf-pop MUC50-P1 age 56166 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status FAILED alt-svc h3=":443"; ma=86400 content-length 23535 last-modified Wed, 24 May 2023 21:26:56 GMT server AmazonS3 etag "e06e861020d2e1db99cc55510ce57f89" access-control-max-age 86400 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin https://www.figma.com cache-control max-age=31536000 access-control-allow-credentials true vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id yt9WmRhsvbwCC9F02C74PQAAuDXSHgSJC8zhXMsvyQuODCfp9QDyDA==
POST H3	200	page Show response www.figma.com/api/figment-proxy/	62 B 367 B	446ms 445ms	Fetch text/plain	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/api/figment-proxy/page Requested by Host: www.figma.com URL: https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/js/request_permissions.min.js.br Protocol H3 Security QUIC, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software / Resource Hash b73c79c8ec1188da80be439bbd57fdf2878bcf02388a79c27391d037722baee2 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'self'; sandbox Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers date Thu, 25 May 2023 13:19:35 GMT content-security-policy default-src 'none'; frame-ancestors 'self'; sandbox via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-type text/plain; charset=utf-8 access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 62 x-amz-cf-id mi-XJ0hZi47eTNQxW4GgMChXq55ujahAddzzRWwmP6AFI--8JmTskw==
POST H3	200	page Show response www.figma.com/api/figment-proxy/	62 B 368 B	447ms 447ms	Fetch text/plain	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/api/figment-proxy/page Requested by Host: www.figma.com URL: https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/js/request_permissions.min.js.br Protocol H3 Security QUIC, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software / Resource Hash 01dc4a6d2e9a006661ca831f2d4a99b1aa88d687f656559bb96d3f28c0187ef9 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'self'; sandbox Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers date Thu, 25 May 2023 13:19:35 GMT content-security-policy default-src 'none'; frame-ancestors 'self'; sandbox via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-type text/plain; charset=utf-8 access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 62 x-amz-cf-id dxW_xXZ6VdGgCaT1K5Cs4lQqUE6gO1PG8-VVcm5xW3XFNl40w8CKTw==
POST H3	200	monitor Show response www.figma.com/api/figment-proxy/	62 B 367 B	439ms 438ms	Fetch text/plain	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/api/figment-proxy/monitor Requested by Host: www.figma.com URL: https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/js/request_permissions.min.js.br Protocol H3 Security QUIC, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software / Resource Hash 628900f3eb5aaf3d8ecee629dedcdf4b09f24d282c6be9e0d3bd9c56f67ab896 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'self'; sandbox Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers date Thu, 25 May 2023 13:19:35 GMT content-security-policy default-src 'none'; frame-ancestors 'self'; sandbox via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-type text/plain; charset=utf-8 access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 62 x-amz-cf-id 9uWhQuhNfrN641b3nLm9__5pB6L-YQxlPv4QpHznSXggvhWUiw87dw==
POST H3	200	monitor Show response www.figma.com/api/figment-proxy/	62 B 366 B	156ms 155ms	Fetch text/plain	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/api/figment-proxy/monitor Requested by Host: www.figma.com URL: https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/js/request_permissions.min.js.br Protocol H3 Security QUIC, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software / Resource Hash 55ee19c630774b7b603044880bfead0a31cb61f2cc37df21468238112364ac69 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'self'; sandbox Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers date Thu, 25 May 2023 13:19:35 GMT content-security-policy default-src 'none'; frame-ancestors 'self'; sandbox via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront content-type text/plain; charset=utf-8 access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 62 x-amz-cf-id ZEet63xssiV5TfU7hB-MaPRSLJb4qGk2wc13LTcjs_mo5uJDaRAWQw==
GET H2	200	Whyte-Regular.woff static.figma.com/webfont/1/	55 KB 55 KB	45ms 8ms	Font application/font-woff	108.138.36.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.figma.com/webfont/1/Whyte-Regular.woff Requested by Host: www.figma.com URL: https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/css/request_permissions.min.css.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.55 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-55.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash cf802c496f11ffec942951bf56d49b40bcb0ac41ccdb87c383cc81801564780d Request headers Referer https://www.figma.com/ Origin https://www.figma.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 30 Aug 2022 00:43:51 GMT x-amz-version-id 13dy_uIrAcpY8oJ10ho5o7lUckihvoJx via 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 age 23200545 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 55984 last-modified Wed, 09 Oct 2019 18:31:10 GMT server AmazonS3 etag "e9d11ebfe0d3ae78facb24eb944ddd70" access-control-max-age 86400 access-control-allow-methods GET, HEAD content-type application/font-woff access-control-allow-origin https://www.figma.com cache-control max-age=31536000 access-control-allow-credentials true vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id _ZMMh1Zryyx56TdA0UncF99AypI_81Ez9G0IKfxmXTNZRviZv1hqog==
GET H2	200	Whyte-Bold.woff static.figma.com/webfont/1/	56 KB 57 KB	43ms 7ms	Font application/font-woff	108.138.36.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.figma.com/webfont/1/Whyte-Bold.woff Requested by Host: www.figma.com URL: https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/css/request_permissions.min.css.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.55 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-55.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash b0b541a74e7cc1f3552e70d2f1d0f4f484b80dca17cb762b4e46f2d9e1d65cc2 Request headers Referer https://www.figma.com/ Origin https://www.figma.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-amz-version-id KJxxKpjyf68k5wFJtaMizunMJq2FE63W date Sat, 20 May 2023 04:38:48 GMT via 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 age 1496137 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 57800 last-modified Tue, 08 Oct 2019 23:30:52 GMT server AmazonS3 etag "f727a5321431f70eed64cbd42ce05e5e" access-control-max-age 86400 access-control-allow-methods GET, HEAD content-type application/font-woff access-control-allow-origin https://www.figma.com cache-control max-age=31536000 access-control-allow-credentials true vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id uNyScDbt90Fuzt2Pz5pr7CNFaxQshkqKFXMpAeffA7pwp-cmMz9WNQ==
POST H3	200	histogram_batched Show response www.figma.com/api/web_logger/	0 278 B	160ms 159ms	XHR text/plain	18.66.192.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.figma.com/api/web_logger/histogram_batched Requested by Host: www.figma.com URL: https://www.figma.com/esbuild-artifacts/7480f85b9676abc9c007035cdd2a2842d0835c63/js/request_permissions.min.js.br Protocol H3 Security QUIC, , AES_128_GCM Server 18.66.192.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-126.muc50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'self'; sandbox Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers tsid Eq0B0avILP6mg1NF accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Accept application/json Referer https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 X-Figma-User-ID X-Csrf-Bypass yes Response headers date Thu, 25 May 2023 13:19:40 GMT content-security-policy default-src 'none'; frame-ancestors 'self'; sandbox via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-P1 x-cache Miss from cloudfront access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 0 x-amz-cf-id R0oAoRkoOqRtI3x8NSUzkfb3fJs9i7UtedTjZQbAQZCPaGgp3QIiwA==

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| INITIAL_OPTIONS object| EARLY_ARGS object| FIGMA_BUNDLE object| sentryConfig object| global object| mpGlobal object| __SENTRY__ object| userAnalyticsDataTools object| experimentTools function| localSeed object| realtimeClient object| FIGMA_appTimer object| FIGMA_opsTimer object| FIGMA_distribution object| store object| LIVEGRAPH

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.figma.com/	1970-01-20 13:01:16	Name: figma.session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVG86HVJhY2s6OlNlc3Npb246OlNlc3Npb25JZAY6D0BwdWJsaWNfaWRJIkUyOTdlODE3ZDdjNDAxMzQ4NjVhNWQ0NTE5ZTE5NjM4OWY3NzY5OWExMzE1Mzg4YjdiZTQzMzQ5Njc3NDk3MDhlBjsARkkiCmZsYXNoBjsARnsA--0320b481b3a532f04df5f59de1f00569639d1bd4
			.figma.com/	1970-01-20 12:46:52	Name: ajs_anonymous_id Value: %22e3cee43d-f627-46ec-a08c-c767a4ef3ab0%22
			www.figma.com/	1970-01-20 12:13:45	Name: AWSALBTG Value: xklyY1lyo/wAi+uEV4ULXIWk3BfIzlBUdzWRaJ+fVF9o6eO1cQFZJV1d4IDZRbqc8u8yQGiP+Tfvj+Sk65xHQronm4GGyxjP/wngoLG2sJ7hc29dfuxsDBMbs6QHvraxBcWUrOD34cn/iZkXc8v0d7swB3Ut0/KUyWp/LQJqlRpw
			www.figma.com/	1970-01-20 12:13:45	Name: AWSALBTGCORS Value: xklyY1lyo/wAi+uEV4ULXIWk3BfIzlBUdzWRaJ+fVF9o6eO1cQFZJV1d4IDZRbqc8u8yQGiP+Tfvj+Sk65xHQronm4GGyxjP/wngoLG2sJ7hc29dfuxsDBMbs6QHvraxBcWUrOD34cn/iZkXc8v0d7swB3Ut0/KUyWp/LQJqlRpw
			www.figma.com/	1970-01-20 12:13:45	Name: AWSALB Value: pq79VtDR0k34XxqtQEABXIgYVMHF4W9BXgvNrhUggT6Ko+/R2r6W19WrWSM/DXr7Px6WIEhPNSjUwideScavc+x9rxVSxhtlD5H5M1jAhJX2usNN0VFFoP38sZ6t
			www.figma.com/	1970-01-20 12:13:45	Name: AWSALBCORS Value: pq79VtDR0k34XxqtQEABXIgYVMHF4W9BXgvNrhUggT6Ko+/R2r6W19WrWSM/DXr7Px6WIEhPNSjUwideScavc+x9rxVSxhtlD5H5M1jAhJX2usNN0VFFoP38sZ6t

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.figma.com/proto/xjVAxeOp7GITaGcGs426rG/WU-11945_Chat-Pay-for-Subs_Make-a-Payment_19-Apr-23 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'unsafe-eval' 'nonce-1LfEmd0R05uHZbNTW4WXDw==' 'strict-dynamic' ; style-src 'self' 'unsafe-inline' https://www.figma.com/esbuild-artifacts/ https://fonts.googleapis.com/ https://accounts.google.com/gsi/style https://trello.com/power-ups/power-up.css https://p.trellocdn.com/power-up.css https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css ; worker-src 'self' blob: ; object-src 'none' ; base-uri 'self' ; frame-ancestors 'self' vscode-webview: vscode-file: , script-src 'self' https://www.figma.com/ 'unsafe-eval' 'unsafe-inline' https://admin.figma.com/admin/esbuild-artifacts/ https://figma-private-data.s3.us-west-2.amazonaws.com/esbuild-artifacts/ blob: https://accounts.google.com/gsi/client https://static.figma.com/fullscreen/ https://static.figma.com/uploads/539fd13ba437049b058e7e83fd54539c86878320 https://static.figma.com/uploads/0706b46bdc09a419282285b791ea1dd3c019ecd6 https://static.figma.com/scripts/ https://static.zdassets.com https://ekr.zdassets.com https://assets.zendesk.com/apps/sdk/2.0/zaf_sdk.js https://js.stripe.com https://trello.com/power-ups/power-up.min.js https://p.trellocdn.com/power-up.min.js https://statics.teams.cdn.office.net/sdk/v1.6.0/js/MicrosoftTeams.min.js https://alcdn.msauth.net/browser/2.21.0/js/msal-browser.min.js https://apis.google.com/ ; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static.figma.com
www.figma.com
108.138.36.55
18.66.192.126
01dc4a6d2e9a006661ca831f2d4a99b1aa88d687f656559bb96d3f28c0187ef9
0f3627692b33ace16539963461f81b990286b76fd351708e0d4b0623622768fc
202c6be40150fe303d081c278456583c776d7610a63d016e9da654bce895a931
4109c2663e3b3d22244c6aea88838eb19f37c9ee618b506005f6cd7caba41681
515286f5d1a903bdb96e26ac36c4851cf64b026051648b65613e90a0cabf30fe
55ee19c630774b7b603044880bfead0a31cb61f2cc37df21468238112364ac69
628900f3eb5aaf3d8ecee629dedcdf4b09f24d282c6be9e0d3bd9c56f67ab896
b0b541a74e7cc1f3552e70d2f1d0f4f484b80dca17cb762b4e46f2d9e1d65cc2
b73c79c8ec1188da80be439bbd57fdf2878bcf02388a79c27391d037722baee2
cf802c496f11ffec942951bf56d49b40bcb0ac41ccdb87c383cc81801564780d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855