facadeservice.richie.ai Open in urlscan Pro
15.197.149.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://facadeservice.richie.ai/
Submission: On April 26 via automatic, source certstream-suspicious (April 26th 2025, 12:05:47 am UTC) — Scanned from DE

Summary HTTP 33 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 15 domains to perform 33 HTTP transactions. The main IP is 15.197.149.68, located in United States and belongs to AMAZON-02, US. The main domain is facadeservice.richie.ai.
TLS certificate: Issued by R10 on April 25th 2025. Valid for: 3 months.

This is the only time facadeservice.richie.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 7	15.197.149.68 15.197.149.68	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
2	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
4	172.67.142.245 172.67.142.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
2	3.5.30.38 3.5.30.38	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
1	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
3	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	108.138.26.78 108.138.26.78	16509 (AMAZON-02) (AMAZON-02)
2	18.245.46.20 18.245.46.20	16509 (AMAZON-02) (AMAZON-02)
2	52.2.126.117 52.2.126.117	14618 (AMAZON-AES) (AMAZON-AES)
33	16

7 15.197.149.68 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a8985792cf9baf781.awsglobalaccelerator.com

facadeservice.richie.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f202.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.30.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-78.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-20.fra56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.126.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-126-117.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	richie.ai 2 redirects facadeservice.richie.ai	892 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1450	179 KB
3	intercom.io widget.intercom.io — Cisco Umbrella Rank: 3359 api-iam.intercom.io — Cisco Umbrella Rank: 3196	5 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 132	214 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	311 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 5413	310 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 80	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 237	82 KB
2	amazonaws.com bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com	328 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 377	9 KB
1	google.de www.google.de — Cisco Umbrella Rank: 9358	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 227	562 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4632
1	gstatic.com fonts.gstatic.com	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 76	1 KB
33	15

	Domain	Requested by
7	facadeservice.richie.ai	2 redirects facadeservice.richie.ai
4	use.fontawesome.com	facadeservice.richie.ai use.fontawesome.com
3	www.facebook.com	connect.facebook.net facadeservice.richie.ai
3	www.googletagmanager.com	facadeservice.richie.ai www.googletagmanager.com
2	api-iam.intercom.io	js.intercomcdn.com
2	js.intercomcdn.com	widget.intercom.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	facadeservice.richie.ai connect.facebook.net
2	bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com	facadeservice.richie.ai
2	cdn.jsdelivr.net	facadeservice.richie.ai
1	widget.intercom.io	facadeservice.richie.ai
1	www.google.de	facadeservice.richie.ai
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	facadeservice.richie.ai
33	16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
facadeservice.richie.ai R10	`2025-04-25` - `2025-07-24`	3 months	crt.sh
upload.video.google.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
use.fontawesome.com WE1	`2025-03-06` - `2025-06-04`	3 months	crt.sh
*.google-analytics.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.gstatic.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-02-02` - `2025-05-03`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.google.de WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-12-14` - `2026-01-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://facadeservice.richie.ai/
Frame ID: 7B280CA2FB25CDA02D0410CE13AEFB51
Requests: 29 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.55de70c3.js
Frame ID: 65F2F6085D5A8D8D9DDA577939814FFF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

United Rapid Funding | Equity-Free Financing Marketplace

Detected technologies

Bulma (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+bulma(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

33
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

16
Subdomains

16
IPs

2
Countries

2154 kB
Transfer

4301 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/richielending/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/richielending/

Search URL Search Domain Scan URL

URL: https://twitter.com/lendingrichie/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://facadeservice.richie.ai/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBVZz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--b31d6bf3497e419b61db5a970b4ec18965da4495/Transparent%20Logo%20United%20Rapid%20Funding.png HTTP 302
https://bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/D93TLugNmeGURDh2Kd6VxG8L?response-content-disposition=inline%3B%20filename%3D%22Transparent%20Logo%20United%20Rapid%20Funding.png%22%3B%20filename%2A%3DUTF-8%27%27Transparent%2520Logo%2520United%2520Rapid%2520Funding.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIARVGPJVYVPSJUEGJL%2F20250426%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250426T000533Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0719ad2e46b7c324351e9b77ff222caa08113463ae02be433fae949c0f2d7d61

Request Chain 12

https://facadeservice.richie.ai/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBEQT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--cd10f42b153d45864070b24f07102e356bb0e7ca/7.jpg?disposition=attachment HTTP 302
https://bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/qEqLoY6KpA1f1KvzGv3aJPod?response-content-disposition=attachment%3B%20filename%3D%227.jpg%22%3B%20filename%2A%3DUTF-8%27%277.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIARVGPJVYVPSJUEGJL%2F20250426%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250426T000533Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=dbe06f88f03dc22c5e3f972eeb214817b00b40406a263c52e8d57a5d43972a53

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
facadeservice.richie.ai/ 127 KB
129 KB 539ms
278ms Document
text/html 15.197.149.68
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://facadeservice.richie.ai/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

15.197.149.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8985792cf9baf781.awsglobalaccelerator.com

Software

Cowboy /

Resource Hash

e27ece4bccbc7d67a8488f41d71c1f6ea7f8809a042bdc4035b9e6dea6b108af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Sat, 26 Apr 2025 00:05:32 GMT
Etag: W/"e27ece4bccbc7d67a8488f41d71c1f6e"
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745625932&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ldkTfAX3bEmhlrE80dzlmJsfGqekJrbOwbekzxfOSww%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1745625932&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ldkTfAX3bEmhlrE80dzlmJsfGqekJrbOwbekzxfOSww%3D
Server: Cowboy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 7235b2ae-92c8-4e0a-8755-52f4e8bfce79
X-Runtime: 0.039526
X-Xss-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 47ms
17ms Stylesheet
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f202.1e100.net

Software

ESF /

Resource Hash

e7a34b05b5c7f78d2a2bef12f2705c77e64ee753e878f10d4537030573bf430e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Apr 2025 00:05:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Apr 2025 00:05:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 25 Apr 2025 23:06:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bulma-carousel.min.css
cdn.jsdelivr.net/npm/bulma-carousel@4.0.4/dist/css/ 4 KB
1 KB 37ms
13ms Stylesheet
text/css 151.101.65.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bulma-carousel@4.0.4/dist/css/bulma-carousel.min.css

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9d586b0d953f9dedc8ff3e8b5d611bc943849afefdb0f18a11bb0fed258b9072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"e3d-k+v+Kx77vT2FR6KJmwAWLmdj8AE"
age: 2141466
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sat, 26 Apr 2025 00:05:32 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220135-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 989
x-jsd-version: 4.0.4

GET
H2 200 bulma-carousel.min.js Show response
cdn.jsdelivr.net/npm/bulma-carousel@4.0.4/dist/js/ 40 KB
8 KB 33ms
9ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bulma-carousel@4.0.4/dist/js/bulma-carousel.min.js

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a8a47bef2cd50640d82aea128360690086ccb6617c6858ee4c71559c88e4a732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"9f13-qtOo8iRGzu50JHcW9PHjTbP9Rzo"
age: 300736
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sat, 26 Apr 2025 00:05:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220135-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7668
x-jsd-version: 4.0.4

GET
H/1.1 200
OK application.scss
facadeservice.richie.ai/assets/ 524 KB
525 KB 436ms
233ms Stylesheet
text/css 15.197.149.68
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://facadeservice.richie.ai/assets/application.scss

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

15.197.149.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8985792cf9baf781.awsglobalaccelerator.com

Software

Cowboy /

Resource Hash

007a0b8f4333cc33a2c375e74fe5e5c352933d1d00b99e70ff7649af0c735270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D
X-Request-Id: ab5b3a6b-83f9-4404-8913-9b54fadfff30
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cache-Control: public, must-revalidate
Etag: "3ecff236fba62f87f5b78ba3d7eff8021c84c2ac7f87b16b027bab9a82288c6b"
Connection: keep-alive
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D"}]}
Via: 1.1 vegur
Content-Length: 536926
Date: Sat, 26 Apr 2025 00:05:32 GMT
Content-Type: text/css; charset=utf-8
Vary: Accept-Encoding
Server: Cowboy
X-Runtime: 0.000647

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.0/css/ 52 KB
13 KB 47ms
27ms Stylesheet
text/css 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.0/css/all.css
Requested by: Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c17ff2bf75eb3072fd868f22db3e2b170e81e9c28ab7116206e0764be091966c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"ae4d052bb6a9986bcd0634b812200894"
age: 273320
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0s%2BnA%2BOw7oa2wD6Vs4%2BvkilKWT%2FDQ3lwDsY6sWgsbpb93RzZFDq9XpiRUG7vZgVnZ6b3OFB%2BXUzPz6C66i5sBk71LYG1GA%2FhKMAZc0pk0S4yVpZHoxAK0B9BhjyL56n5L%2FAtZV3"}],"group":"cf-nel","max_age":604800}
cf-ray: 9361d440681bbb44-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1518&min_rtt=916&rtt_var=1227&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4009&recv_bytes=2234&delivery_rate=4176923&cwnd=254&unsent_bytes=0&cid=853c25c95d718103&ts=30&x=0"
date: Sat, 26 Apr 2025 00:05:32 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK application-77aff09f54a4d0888d367b04ca1152e67529efae3f3f72dd0692581058a1b48b.js Show response
facadeservice.richie.ai/assets/ 720 KB
228 KB 435ms
231ms Script
application/javascript 15.197.149.68
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://facadeservice.richie.ai/assets/application-77aff09f54a4d0888d367b04ca1152e67529efae3f3f72dd0692581058a1b48b.js

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

15.197.149.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8985792cf9baf781.awsglobalaccelerator.com

Software

Cowboy /

Resource Hash

77aff09f54a4d0888d367b04ca1152e67529efae3f3f72dd0692581058a1b48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Connection: keep-alive
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D"}]}
Via: 1.1 vegur
Content-Length: 232260
Date: Sat, 26 Apr 2025 00:05:33 GMT
Last-Modified: Tue, 10 Dec 2024 20:07:48 GMT
Content-Type: application/javascript
Server: Cowboy
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
94 KB 60ms
30ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134244649-1

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0463715671c933f8cf809ee8bbcfb70009e5bb2be308c2bba14a6da946dac193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Sat, 26 Apr 2025 00:05:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Apr 2025 00:05:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 95650
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1

200
OK

D93TLugNmeGURDh2Kd6VxG8L
bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/
Redirect Chain

https://facadeservice.richie.ai/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBVZz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--b31d6bf3497e419b61db5a970b4ec18965da4495/Transparent%20L...
https://bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/D93TLugNmeGURDh2Kd6VxG8L?response-content-disposition=inline%3B%20filename%3D%22Transparent%20Logo%20United%20Rapid%20Funding...

111 KB
111 KB

533ms
312ms

Image
image/png

3.5.30.38
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/D93TLugNmeGURDh2Kd6VxG8L?response-content-disposition=inline%3B%20filename%3D%22Transparent%20Logo%20United%20Rapid%20Funding.png%22%3B%20filename%2A%3DUTF-8%27%27Transparent%2520Logo%2520United%2520Rapid%2520Funding.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIARVGPJVYVPSJUEGJL%2F20250426%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250426T000533Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0719ad2e46b7c324351e9b77ff222caa08113463ae02be433fae949c0f2d7d61
Requested by: Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/
Protocol: HTTP/1.1
Server: 3.5.30.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8ef4a8f18bd1633ec68a22926fd3fcf643ab830c96745c8f918e2294b7466347

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

x-amz-id-2: iaPnWpgVj2dpXpMJDv2hyztghNoAyMlqmn0pavtqJXIbYZEdLshmgAoSRMevjtrtm62VWLE5/Fwzzdp9QQwZ33kslzMq2PRR
ETag: "841edf079e24849b9d2025bf4c531916"
x-amz-request-id: ASETYCA0EQJJPX2E
Accept-Ranges: bytes
Content-Length: 113575
Date: Sat, 26 Apr 2025 00:05:34 GMT
Last-Modified: Wed, 26 Feb 2025 05:56:41 GMT
Content-Disposition: inline; filename="Transparent Logo United Rapid Funding.png"; filename*=UTF-8''Transparent%20Logo%20United%20Rapid%20Funding.png
Server: AmazonS3
Content-Type: image/png
x-amz-server-side-encryption: AES256

Redirect headers

X-Request-Id: a267ecf8-7852-4167-bbab-d5b4b64a109b
X-Permitted-Cross-Domain-Policies: none
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D"}]}
X-Content-Type-Options: nosniff
Date: Sat, 26 Apr 2025 00:05:33 GMT
Content-Type: text/html; charset=utf-8
X-Runtime: 0.004667
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Location: https://bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/D93TLugNmeGURDh2Kd6VxG8L?response-content-disposition=inline%3B%20filename%3D%22Transparent%20Logo%20United%20Rapid%20Funding.png%22%3B%20filename%2A%3DUTF-8%27%27Transparent%2520Logo%2520United%2520Rapid%2520Funding.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIARVGPJVYVPSJUEGJL%2F20250426%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250426T000533Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0719ad2e46b7c324351e9b77ff222caa08113463ae02be433fae949c0f2d7d61
Cache-Control: max-age=300, private
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Via: 1.1 vegur
X-Xss-Protection: 1; mode=block
Server: Cowboy

GET
H3 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
fonts.gstatic.com/s/rubik/v28/ 18 KB
18 KB 33ms
15ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

c87fcac153783ea615f856ad1c0e12791952c39b8ddde7f11fa3d47c0a3b3998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://facadeservice.richie.ai
Referer: https://fonts.googleapis.com/

Response headers

age: 377515
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Apr 2026 15:13:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Apr 2025 15:13:38 GMT
last-modified: Thu, 29 Jun 2023 16:30:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18856
x-xss-protection: 0
server: sffe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
84 KB 25ms
24ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV5KSQR

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

abb551731dd16cfdb056900ada80707d338fa208dd74410a53051cdddadbef07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
expires: Sat, 26 Apr 2025 00:05:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Apr 2025 00:05:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1310:0
content-length: 85542
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 271 KB
68 KB 32ms
9ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src data: 'nonce-oNm2fvIB' .facebook.com .fbcdn.net .facebook.net blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Apr 2025 00:05:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-oNm2fvIB' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=23, mss=1232, tbw=4820, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: UV0/ZY/lLjQsTqPKrBZLGgKBlQkZceOw6YDLtz82Hf9xfntl8AixnqBDgK5d6nT1zuOzsUgMEvNzdQp3vZKwxg==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-oNm2fvIB' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' data:;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 69961
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK background.svg
facadeservice.richie.ai/assets/ 890 B
2 KB 108ms
108ms Image
image/svg+xml 15.197.149.68
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://facadeservice.richie.ai/assets/background.svg

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/assets/application.scss

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

15.197.149.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8985792cf9baf781.awsglobalaccelerator.com

Software

Cowboy /

Resource Hash

bf2c85aa36b3ab9a432040de9eb10a2e727603904d0883234944e9e53a946dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/assets/application.scss

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D
X-Request-Id: 9d22c354-12c8-4610-8c4e-7c8c2c84315e
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cache-Control: public, must-revalidate
Etag: "bf2c85aa36b3ab9a432040de9eb10a2e727603904d0883234944e9e53a946dd3"
Connection: keep-alive
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D"}]}
Via: 1.1 vegur
Content-Length: 890
Date: Sat, 26 Apr 2025 00:05:33 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding
Server: Cowboy
X-Runtime: 0.007472

GET
H/1.1

200
OK

qEqLoY6KpA1f1KvzGv3aJPod
bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/
Redirect Chain

https://facadeservice.richie.ai/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBEQT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--cd10f42b153d45864070b24f07102e356bb0e7ca/7.jpg?dispositi...
https://bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/qEqLoY6KpA1f1KvzGv3aJPod?response-content-disposition=attachment%3B%20filename%3D%227.jpg%22%3B%20filename%2A%3DUTF-8%27%277....

216 KB
217 KB

188ms
187ms

Image
image/jpeg

3.5.30.38
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/qEqLoY6KpA1f1KvzGv3aJPod?response-content-disposition=attachment%3B%20filename%3D%227.jpg%22%3B%20filename%2A%3DUTF-8%27%277.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIARVGPJVYVPSJUEGJL%2F20250426%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250426T000533Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=dbe06f88f03dc22c5e3f972eeb214817b00b40406a263c52e8d57a5d43972a53
Requested by: Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/
Protocol: HTTP/1.1
Server: 3.5.30.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 78066f3936a0fc7e90fd7c4dae7b4d1131daa0ea53e10ed96273f4ec7f8c7484

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

x-amz-id-2: OuhJmfopDsMGVZJETXhyJZKIIdAlJzzGipNhLWNaxqnqGx8nDt3Vx7eMhr4UoIH6Ph0FhD9k2GpNNGMlPzpLveJcfD3xJ2L7
ETag: "29aa3fb00b1f4ac7ec945d093d833d08"
x-amz-request-id: ASEQSQ1B0EETTX0N
Accept-Ranges: bytes
Content-Length: 221514
Date: Sat, 26 Apr 2025 00:05:34 GMT
Last-Modified: Tue, 10 Dec 2024 20:10:04 GMT
Content-Disposition: attachment; filename="7.jpg"; filename*=UTF-8''7.jpg
Server: AmazonS3
Content-Type: image/jpeg
x-amz-server-side-encryption: AES256

Redirect headers

X-Request-Id: f296002d-6e2a-4a9a-a496-fc94fa3cef5b
X-Permitted-Cross-Domain-Policies: none
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D"}]}
X-Content-Type-Options: nosniff
Date: Sat, 26 Apr 2025 00:05:33 GMT
Content-Type: text/html; charset=utf-8
X-Runtime: 0.004945
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1745625933&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jKWOpb1FxW4Tp3zLVIPjr2gTHEay9x3Wqp9SZM3640o%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Location: https://bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com/qEqLoY6KpA1f1KvzGv3aJPod?response-content-disposition=attachment%3B%20filename%3D%227.jpg%22%3B%20filename%2A%3DUTF-8%27%277.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIARVGPJVYVPSJUEGJL%2F20250426%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250426T000533Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=dbe06f88f03dc22c5e3f972eeb214817b00b40406a263c52e8d57a5d43972a53
Cache-Control: max-age=300, private
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Via: 1.1 vegur
X-Xss-Protection: 1; mode=block
Server: Cowboy

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.0/webfonts/ 77 KB
78 KB 259ms
234ms Font
font/woff2 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0c0e7ba446dc0be5c8580cb20b815f44eb5b967db1d233de317e300059a130

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://facadeservice.richie.ai
Referer: https://use.fontawesome.com/releases/v5.6.0/css/all.css

Response headers

cf-cache-status: MISS
etag: "bed3b0a702ad38e11e30320528addb0e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCwBVx9l5%2FN7r19txvR89o9uKpsGOfBb8l5junhguUpDE8Fq%2B0EyZzpB52CFiCLi%2FwEPNhnRCqZ%2F5ZAO3rgtfjkRyijgTBmEdg3ZFQWsb1evmoA5iR4SQ9ORg4h0lKJwBbrGYuK7"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1080&min_rtt=973&rtt_var=24&sent=75&recv=38&lost=0&retrans=0&sent_bytes=95286&recv_bytes=2518&delivery_rate=74256410&cwnd=271&unsent_bytes=0&cid=5b0876586825099a&ts=243&x=0"
date: Sat, 26 Apr 2025 00:05:34 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:45:41 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9361d4468fbc6add-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79080
server: cloudflare

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.0/webfonts/ 15 KB
15 KB 216ms
192ms Font
font/woff2 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815fbb39d2c07581227c1d9eab7fb031be54e32346ab7f9a527fe4060ddb96ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://facadeservice.richie.ai
Referer: https://use.fontawesome.com/releases/v5.6.0/css/all.css

Response headers

cf-cache-status: MISS
etag: "732726c56cad903eea8677a60d064b5a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWJUjHHAS8hccvOM70Ya2i8mI4a3yVT2yraJLdbUAQ6iZuHXynym%2Bt7TpoL5oLXA96MC7JzlWNGX2wHqHwoGJNJmrHwbN15WfdaZ88%2F8s1aPjeiyol5eXfggi1EqQV61Q63NKs%2Bo"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1563&min_rtt=1007&rtt_var=1224&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4009&recv_bytes=2518&delivery_rate=4217475&cwnd=254&unsent_bytes=0&cid=5b0876586825099a&ts=201&x=0"
date: Sat, 26 Apr 2025 00:05:34 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:45:40 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9361d4468fbe6add-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14880
server: cloudflare

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.0/webfonts/ 72 KB
73 KB 219ms
195ms Font
font/woff2 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d9ab25b07b637c8508dd78e90979281711782920d1ac621851e57a1d2954db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://facadeservice.richie.ai
Referer: https://use.fontawesome.com/releases/v5.6.0/css/all.css

Response headers

cf-cache-status: MISS
etag: "87b76b96d1d061e808d102230d0e29c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hYj8A2MJAPs%2F046J31MsS3TXeAGnxcUUajII4esas7KkUoSWmiEgpnrDcYYyS6d6hMOoZ1NEnAl2NIPUmsYa4V7f1y9cRLu7fbf0E%2BE5nDe4OAICheWbL3F7VzqaP2Q1P8HIAdY"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1563&min_rtt=1007&rtt_var=1224&sent=20&recv=10&lost=0&retrans=0&sent_bytes=19855&recv_bytes=2518&delivery_rate=4217475&cwnd=254&unsent_bytes=0&cid=5b0876586825099a&ts=203&x=0"
date: Sat, 26 Apr 2025 00:05:34 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:45:41 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9361d4468fbd6add-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 74040
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 400 KB
133 KB 35ms
34ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9ML2HDFLHX&l=dataLayer&cx=c&gtm=457e54n0za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134244649-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9208ab135dab04f9dbe7622e0176d7614acaca8037a287325ad9c54c7311386d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Sat, 26 Apr 2025 00:05:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Apr 2025 00:05:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 135933
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 37ms
12ms Script
text/javascript 216.239.36.178
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134244649-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: gzip
age: 4554
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 26 Apr 2025 00:49:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 22:49:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

GET
H3 200 333517113799135 Show response
connect.facebook.net/signals/config/ 63 KB
13 KB 324ms
324ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/333517113799135?v=2.9.199&r=stable&domain=facadeservice.richie.ai&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

35bc5b78b37d2769c1b3f33240fbf8e40fe6276f4910fcbe91d071b256989e6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src data: 'nonce-jtVDh4nG' .facebook.com .fbcdn.net .facebook.net blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Apr 2025 00:05:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-jtVDh4nG' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=80, mss=1232, tbw=82318, tp=76, tpl=0, uplat=316, ullat=0
pragma: public
x-fb-debug: zxFBfhxmIO9I4AvcVAGhQbEW0vr+TgMS0iOZY3f9d19igWsFKIuwTEMN4nnzmntlLxPaVFElm4uPZYWSRUR3IA==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-jtVDh4nG' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' data:;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
455 B 16ms
15ms XHR
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1727994588&t=pageview&_s=1&dl=https%3A%2F%2Ffacadeservice.richie.ai%2F&dp=%2F&ul=de-de&de=UTF-8&dt=United%20Rapid%20Funding%20%7C%20Equity-Free%20Financing%20Marketplace&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACgCI~&jid=1131757572&gjid=1292047568&cid=561753804.1745625934&tid=UA-134244649-1&_gid=701007066.1745625934&_r=1&gtm=457e54n0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&npa=1&z=209597362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://facadeservice.richie.ai/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Apr 2025 00:05:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://facadeservice.richie.ai
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 1
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 88ms
58ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9ML2HDFLHX&gtm=45je54n0v9136331566za200&_p=1745625933797&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=561753804.1745625934&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&dl=https%3A%2F%2Ffacadeservice.richie.ai%2F&dp=%2F&dt=United%20Rapid%20Funding%20%7C%20Equity-Free%20Financing%20Marketplace&sid=1745625933&sct=1&seg=0&en=page_view&_fv=1&_ss=1&tfd=1655
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ML2HDFLHX&l=dataLayer&cx=c&gtm=457e54n0za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://facadeservice.richie.ai
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Apr 2025 00:05:33 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
562 B 129ms
75ms Ping
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9ML2HDFLHX&cid=561753804.1745625934&gtm=45je54n0v9136331566za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ML2HDFLHX&l=dataLayer&cx=c&gtm=457e54n0za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:122:0
report-to: {"group":"ascnsrsggc:122:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:122:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://facadeservice.richie.ai
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:122:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Apr 2025 00:05:34 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
19ms Image
image/gif 142.250.185.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9ML2HDFLHX&cid=561753804.1745625934&gtm=45je54n0v9136331566za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&z=1437407352

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 26 Apr 2025 00:05:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 58ms
45ms Fetch
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=333517113799135

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/333517113799135?v=2.9.199&r=stable&domain=facadeservice.richie.ai&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'nonce-A3gTi5j0' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .fb.com .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497406298387906993&cpp=C3&cv=1022255163&st=1745625934261"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Apr 2025 00:05:34 GMT
content-type: image/png
vary: Origin, Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1,i
x-fb-debug: XVfjYOhxODEB0++F7CzwMDtGX9+V3+ZpDzXuawQHY10mhkx4ddlzOjhc00/WEueT8axoVEkbqZFl/iZbQFm4Dw==
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497406298387906993&cpp=C3&cv=1022255163&st=1745625934261", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'nonce-A3gTi5j0' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.fb.com *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=24, mss=1232, tbw=5110, tp=11, tpl=0, uplat=36, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 20ms
7ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=333517113799135&ev=PageView&dl=https%3A%2F%2Ffacadeservice.richie.ai&rl=&if=false&ts=1745625934224&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4124&fbp=fb.1.1745625934223.107156300627708203&pm=1&hrl=4b6d1e&ler=empty&cdl=API_unavailable&it=1745625933867&coo=false&cs_cc=1&cas=2369723493137695&exp=k0&rqm=GET

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4593, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 26 Apr 2025 00:05:34 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 210ms
197ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=333517113799135&ev=PageView&dl=https%3A%2F%2Ffacadeservice.richie.ai&rl=&if=false&ts=1745625934224&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4124&fbp=fb.1.1745625934223.107156300627708203&pm=1&hrl=4b6d1e&ler=empty&cdl=API_unavailable&it=1745625933867&coo=false&cs_cc=1&cas=2369723493137695&exp=k0&rqm=FGET

Requested by

Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'nonce-K9up3Ens' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .fb.com .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497406298516287215&cpp=C3&cv=1022255163&st=1745625934259"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Apr 2025 00:05:34 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 1X8vPdIjxLDruhjOuE6csMyGqMarkeNeqNuI8LVtuq0EXz05j3iR/P0WFMDBf3xy6FIx6CldypVkKeF2ffY3kA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497406298516287215&cpp=C3&cv=1022255163&st=1745625934259", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'nonce-K9up3Ens' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.fb.com *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5233, tp=13, tpl=0, uplat=181, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 jgc09y4b Show response
widget.intercom.io/widget/ 7 KB
3 KB 368ms
309ms Script
application/javascript 108.138.26.78
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://widget.intercom.io/widget/jgc09y4b
Requested by: Host: facadeservice.richie.ai
URL: https://facadeservice.richie.ai/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cd4712d366ffd87a0cdd63944be463743ae3eadb58e44c528fb727ecdce5712

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

content-encoding: gzip
x-amz-version-id: 39WWUodcsnPtMKJJspOPRxQvpLAKK32u
etag: "b522f64f7ad06a776f172cb9dd657c18"
age: 51
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: iaILW49bLDJTsWTkalU1wZNhAphVwhx-a-iTge3IvxDV2OzYnlpN4g==
date: Sat, 26 Apr 2025 00:04:55 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding, Origin
last-modified: Fri, 25 Apr 2025 11:26:01 GMT
cache-control: max-age=300, s-maxage=300, public
cross-origin-resource-policy: cross-origin
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2671
x-amz-cf-pop: FRA56-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK favicon.ico
facadeservice.richie.ai/ 4 KB
5 KB 106ms
106ms Other
image/vnd.microsoft.icon 15.197.149.68
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://facadeservice.richie.ai/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

15.197.149.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8985792cf9baf781.awsglobalaccelerator.com

Software

Cowboy /

Resource Hash

4377f4bf7ab69ef6cc44b4920b3179cc05c7a22cd30d708e34573c1898707467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://facadeservice.richie.ai/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1745625934&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UzhqNfNg7j7weG%2BgS4V%2BsBKyWVYH%2FG7qVBpyn6tD8os%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection: keep-alive
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1745625934&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UzhqNfNg7j7weG%2BgS4V%2BsBKyWVYH%2FG7qVBpyn6tD8os%3D"}]}
Via: 1.1 vegur
Content-Length: 4355
Date: Sat, 26 Apr 2025 00:05:34 GMT
Last-Modified: Sun, 23 Mar 2025 17:06:00 GMT
Content-Type: image/vnd.microsoft.icon
Server: Cowboy

GET
H2 200 frame-modern.55de70c3.js Show response
js.intercomcdn.com/ Frame 65F2 515 KB
154 KB 74ms
33ms Script
application/javascript 18.245.46.20
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.55de70c3.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jgc09y4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-20.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3746d60864f816ed4ba3a0763f67497d0cd5bc907720643db4d2e6bf03fd2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: obAOQEeaii8a93MwR2QivrEMaOrgKFNG
etag: "45aea93048b1efb94eb636f581174270"
age: 2371
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ZkPgUnB43lJwAbSDO-_gLofpP4m6yCqvLS-4AuzSAH8_hOxCMYtEDA==
date: Fri, 25 Apr 2025 23:26:04 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
last-modified: Fri, 25 Apr 2025 11:23:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 4e5a83b6aa19a0c9339b31bdad0aa0d4.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 156648
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-modern.67942466.js Show response
js.intercomcdn.com/ Frame 65F2 505 KB
156 KB 51ms
9ms Script
application/javascript 18.245.46.20
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.67942466.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jgc09y4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-20.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

70145ca9779e125d668fb12139c62f3173bdff0eaae070235baf4eb08a54c02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: Lxdi01BaNbIZa3IY2wgXpvIqLcnjjSo4
etag: "7bd4eba81e65624bf1032e3469483c46"
age: 3551
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: LyY9uJQ1LnQaD0QUuhCDYMzEebTV38hFuPVoEiB7tqoA_QgjwONgpA==
date: Fri, 25 Apr 2025 23:06:24 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
last-modified: Tue, 22 Apr 2025 15:23:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 4e5a83b6aa19a0c9339b31bdad0aa0d4.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 159432
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 403 launcher_settings Show response
api-iam.intercom.io/messenger/web/ Frame 65F2 113 B
837 B 421ms
217ms XHR
application/json 52.2.126.117
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/launcher_settings

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.55de70c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.2.126.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-126-117.compute-1.amazonaws.com

Software

nginx /

Resource Hash

aa60807e1dc6de331d7c5ce1505d4a2d7d6b4116a171b16e67072c0a51c15508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

access-control-max-age: 86400
x-request-id: 0008i6kjnn3mikb52cs0
access-control-expose-headers: x-request-id, x-runtime
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 403 Forbidden
date: Sat, 26 Apr 2025 00:05:35 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.030054
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA, traceparent, X-Continue-Intercom-Trace
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: no-cache
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-origin: https://facadeservice.richie.ai
x-xss-protection: 1; mode=block
x-intercom-version: facac57801d7fcfc9eed1bf260ab0f1dc1c3e24c
server: nginx

POST
H2 403 ping Show response
api-iam.intercom.io/messenger/web/ Frame 65F2 113 B
838 B 344ms
142ms XHR
application/json 52.2.126.117
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.55de70c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.2.126.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-126-117.compute-1.amazonaws.com

Software

nginx /

Resource Hash

287ae5b9969ad84a59319782f6ed92ad25a47518beac1bb12f4878a1220db79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 002aabsfopsi7d7v6blg
access-control-max-age: 86400
access-control-expose-headers: x-request-id, x-runtime
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 403 Forbidden
date: Sat, 26 Apr 2025 00:05:35 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.018794
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA, traceparent, X-Continue-Intercom-Trace
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: no-cache
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-origin: https://facadeservice.richie.ai
x-xss-protection: 1; mode=block
x-intercom-version: facac57801d7fcfc9eed1bf260ab0f1dc1c3e24c
server: nginx

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.richie.ai/	1970-01-21 04:55:12	Name: _gid Value: GA1.2.701007066.1745625934
.richie.ai/	1970-01-21 04:53:45	Name: _gat_gtag_UA_134244649_1 Value: 1
facadeservice.richie.ai/	1969-12-31 23:59:59	Name: _richie_saas_demo_session Value: liCETkybBnp3VtNdd3FPEfAlFQGZ3jg%2F56W8H8fNVh8grToE32TTjBROd%2FxIHC1AzbAh5mEQk6hdN1fLePatUIe9X8Ewo9NqtRwGY0vfdijcjV9fkiWsLxD3dSrl%2B5hUttZZVFVUv99BwCWWHBM%3D--1K54kdn8D6FFEU5%2B--a%2FkEZxjPKVDH2n00oXkKXg%3D%3D
.richie.ai/	1970-01-21 14:29:45	Name: _ga_9ML2HDFLHX Value: GS1.1.1745625933.1.0.1745625933.60.0.0
.richie.ai/	1970-01-21 14:29:45	Name: _ga Value: GA1.1.561753804.1745625934
.richie.ai/	1970-01-21 07:03:21	Name: _fbp Value: fb.1.1745625934223.107156300627708203

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api-iam.intercom.io/messenger/web/ping Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api-iam.intercom.io/messenger/web/launcher_settings Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
bucketeer-47d205c1-5607-4d71-94d8-7ee9ff2ef6b5.s3.amazonaws.com
cdn.jsdelivr.net
connect.facebook.net
facadeservice.richie.ai
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
region1.analytics.google.com
stats.g.doubleclick.net
use.fontawesome.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
108.138.26.78
108.177.15.154
142.250.185.163
142.250.186.67
15.197.149.68
151.101.65.229
157.240.0.35
157.240.0.6
172.217.16.202
172.67.142.245
18.245.46.20
216.239.34.36
216.239.36.178
216.58.212.136
3.5.30.38
52.2.126.117
007a0b8f4333cc33a2c375e74fe5e5c352933d1d00b99e70ff7649af0c735270
03d9ab25b07b637c8508dd78e90979281711782920d1ac621851e57a1d2954db
0463715671c933f8cf809ee8bbcfb70009e5bb2be308c2bba14a6da946dac193
287ae5b9969ad84a59319782f6ed92ad25a47518beac1bb12f4878a1220db79f
35bc5b78b37d2769c1b3f33240fbf8e40fe6276f4910fcbe91d071b256989e6c
3cd4712d366ffd87a0cdd63944be463743ae3eadb58e44c528fb727ecdce5712
4377f4bf7ab69ef6cc44b4920b3179cc05c7a22cd30d708e34573c1898707467
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70145ca9779e125d668fb12139c62f3173bdff0eaae070235baf4eb08a54c02e
77aff09f54a4d0888d367b04ca1152e67529efae3f3f72dd0692581058a1b48b
78066f3936a0fc7e90fd7c4dae7b4d1131daa0ea53e10ed96273f4ec7f8c7484
815fbb39d2c07581227c1d9eab7fb031be54e32346ab7f9a527fe4060ddb96ee
8ef4a8f18bd1633ec68a22926fd3fcf643ab830c96745c8f918e2294b7466347
9208ab135dab04f9dbe7622e0176d7614acaca8037a287325ad9c54c7311386d
9d586b0d953f9dedc8ff3e8b5d611bc943849afefdb0f18a11bb0fed258b9072
a8a47bef2cd50640d82aea128360690086ccb6617c6858ee4c71559c88e4a732
aa60807e1dc6de331d7c5ce1505d4a2d7d6b4116a171b16e67072c0a51c15508
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abb551731dd16cfdb056900ada80707d338fa208dd74410a53051cdddadbef07
bf2c85aa36b3ab9a432040de9eb10a2e727603904d0883234944e9e53a946dd3
c17ff2bf75eb3072fd868f22db3e2b170e81e9c28ab7116206e0764be091966c
c87fcac153783ea615f856ad1c0e12791952c39b8ddde7f11fa3d47c0a3b3998
c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e27ece4bccbc7d67a8488f41d71c1f6ea7f8809a042bdc4035b9e6dea6b108af
e3746d60864f816ed4ba3a0763f67497d0cd5bc907720643db4d2e6bf03fd2f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a34b05b5c7f78d2a2bef12f2705c77e64ee753e878f10d4537030573bf430e
ed0c0e7ba446dc0be5c8580cb20b815f44eb5b967db1d233de317e300059a130
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

facadeservice.richie.ai Open in urlscan Pro 15.197.149.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

94 %HTTPS

0 %IPv6

15 Domains

16 Subdomains

16 IPs

2 Countries

2154 kBTransfer

4301 kBSize

6 Cookies

3 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

facadeservice.richie.ai Open in urlscan Pro
15.197.149.68 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

16
Subdomains

16
IPs

2
Countries

2154 kB
Transfer

4301 kB
Size

6
Cookies

33 HTTP transactions
0 data transactions