urlscan.io logo urlscan.io
SecurityTrails logo

yaca.systems Open in urlscan Pro
2606:4700:20::681a:f3e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://voice.ulife.me/
Effective URL: https://yaca.systems/download
Submission: On January 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:20::681a:f3e, located in United States and belongs to CLOUDFLARENET, US. The main domain is yaca.systems.
TLS certificate: Issued by GTS CA 1P5 on December 4th 2023. Valid for: 3 months.
This is the only time yaca.systems was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.226.175.29 16509 (AMAZON-02)
18 4
1    2606:4700:20::ac43:468b (United States)

ASN13335 (CLOUDFLARENET, US)
voice.ulife.me
13    2606:4700:20::681a:f3e (United States)

ASN13335 (CLOUDFLARENET, US)
yaca.systems
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.226.175.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-29.mxp64.r.cloudfront.net
js.stripe.com
Apex Domain
Subdomains		 Transfer
13 yaca.systems
yaca.systems
2 MB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2656
143 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
92 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
1 ulife.me
voice.ulife.me
774 B
18 5
Domain Requested by
13 yaca.systems yaca.systems
3 js.stripe.com yaca.systems
js.stripe.com
1 www.googletagmanager.com yaca.systems
1 fonts.googleapis.com yaca.systems
1 voice.ulife.me 1 redirects
18 5

This site contains links to these domains. Also see Links.

Domain
discord.yaca.systems
github.com
www.privacypolicies.com
Subject Issuer Validity Valid
yaca.systems
GTS CA 1P5		 2023-12-04 -
2024-03-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-02 -
2024-04-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://yaca.systems/download
Frame ID: 39F97A3B9CAFDEB700F0E944A647C46F
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 2218B2557AE79ACB1B8A9C501259EC53
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html
Frame ID: 10596BC099B067B371D3C6859B7BAAEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yet-Another-Communication-Addon

Page URL History Show full URLs

  1. http://voice.ulife.me/ HTTP 302
    https://yaca.systems/download Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

2118 kB
Transfer

4694 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://voice.ulife.me/ HTTP 302
    https://yaca.systems/download Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request download
yaca.systems/
Redirect Chain
  • http://voice.ulife.me/
  • https://yaca.systems/download
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yaca.systems/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2deac68df8b4012c65b9f6f68ded3eb7730db41bfedb8caabc7a75c4bf75ce27
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
842f8752ee9e3673-FRA
content-encoding
br
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 09 Jan 2024 20:46:15 GMT
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZDLECl4kEncVeK5GQjMhrUc5hKETb2TLC%2Bk2nOaq6zfmTRxDG%2BbBQWZ3MlozBSRllufTNWWsvcOqJ0670w%2BU8gGMGNy7pCpsbCrkXUAdEq8HYF%2FUcAnDaUi0Mb1VfUO0L%2BV%2FnZ2hWPnwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-dns-prefetch-control
off
x-download-options
noopen noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none none
x-xss-protection
0 1; mode=block

Redirect headers

CF-RAY
842f87529af7926d-FRA
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Tue, 09 Jan 2024 20:46:15 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Location
https://yaca.systems/download
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DbZZ1aBr2Ei%2BUNRJXFXq0yRiSJBhbNNY%2Fz3kWZketulMRH76qw594Qm4qByP8RszntkS7rLrbdZbiOOpyOzRp8iXYd%2BDzO2aF8NPEmDMtGHk2upRiem86uzrSjC84v7nWrTk3QyO9ln0EW6"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter&family=Maven+Pro:wght@500&display=swap
Requested by
Host: yaca.systems
URL: https://yaca.systems/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc6dc631310bd01a3143944baf973607ae819382a21715b6c60223a27e2db8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jan 2024 20:46:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 20:46:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jan 2024 20:46:15 GMT
index-39d0513d.css
yaca.systems/assets/ 		961 KB
149 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yaca.systems/assets/index-39d0513d.css
Requested by
Host: yaca.systems
URL: https://yaca.systems/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d0513df4cafd71e61d1291db9579817efb1c94d1ceb8f93cb0ff6e6c1c7849
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"f0402-18ce3c7e111"
x-download-options
noopen, noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fg8EDuFV17EHzNXAnsWw1xcMd0ZGvoTbiCJplPHCrvyQhVGsgkVvgHGUa3N3ot2WQVy%2Bz%2Fj0AMuCMQOUPejOmEhzXBTLS%2BNvisrYOF9TRnVO6LiOOwwHGVMGc7T3szYBFOM2LiHLtfUc7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
842f87533ef33673-FRA
rocket-loader.min.js
yaca.systems/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yaca.systems/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yaca.systems
URL: https://yaca.systems/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOHJEfJuuK4XfxhYWcvl%2FDkg%2FFsKHz1qfod1Bnm%2BM0UV%2BzeiGbpLkDMgsmjFmwCFe%2BnUQPRimnntSt%2FI9g8ud9HRIRSAhjlX%2Fcxn551ik2Pk7a%2Bi%2BaloG%2BUpHQmYBe3EQO7OuFdvtYJ0Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
842f87534f013673-FRA
expires
Thu, 11 Jan 2024 20:46:15 GMT
index-18de4013.js
yaca.systems/assets/ 		757 KB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yaca.systems/assets/index-18de4013.js
Requested by
Host: yaca.systems
URL: https://yaca.systems/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f037e6deb5a7a4ef03fdfb6f953486285665e301fe7e884305139169e33d0dfa
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://yaca.systems
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"bd372-18ce3c7e10d"
x-download-options
noopen, noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0Lj8b%2F5bj11s4UGzArr3l0%2FEhfBXePq1N6VbNY4jYdFWyuedPyaWrjb%2BxDefejntQzO35g0FOQUp1RYcr8%2BSLTtqxkPi3H3B8Vz33NSZKpqo%2BO5gJPNYJwMY4hm78FRF8wLdY5nB5mdVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
842f8753ceeb8ffe-FRA
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DHN1KTCC8W&l=dataLayer
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-18de4013.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7887f44630ae2b9ad9622985ce8830601ddae3cc8f1b539684cc584bdcc329b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94005
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 20:46:15 GMT
getDownloads
yaca.systems/api/changelog/ 		348 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yaca.systems/api/changelog/getDownloads
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-18de4013.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03be647ec28248db65cc779e5abae9af2dd4a950dc68a4e48e2e6d323225a86b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
x-download-options
noopen, noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHiB%2BA1ctBaafavSv5mBUZSseYGCoGCZ4SmWzChA8pqHJsiYDTl4fY5%2B%2FG6vljHQUBRfGS0fL%2BZeggS6DuQBBueM0utkGjGJQYWSqxjWXkwNLx1rdix%2FMoPAb4zRSQ%2B%2BJ1kcYoem%2Fc4IAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cf-ray
842f8754df8d8ffe-FRA
v3
js.stripe.com/ 		581 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-18de4013.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-29.mxp64.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c0bac4713d19aedd24d4c88ff6416f4949f48c6102939f4a5bffcb610f7a7719
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:45:49 GMT
content-encoding
br
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
32
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
last-modified
Mon, 08 Jan 2024 22:27:50 GMT
server
Cloudfront
etag
W/"59df844eda15ab5eb053e9fa6e8c7f90"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
Ek9SWe46ienyQaAUZX9-nhBOWt9lY8PdAf8BfKU032aEHdBiTI8L1Q==
textLogo-822be230.svg
yaca.systems/assets/ 		216 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yaca.systems/assets/textLogo-822be230.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822be230c68feb379153aa69d6275002ee7b610d35a4660561144212ca352395
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"35f1a-18ce3c7e11d"
x-download-options
noopen, noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcrmZjaM9aa%2BYeTGdOlmkk8yXU88p5zXxfPLI6sPEt5CH4nYlyGrm1dXMw2KhMBWBO6IH5XMKeohKosvJgCy5xcxvkX%2FMwrGggnyTlIr%2F%2B7g4FKBE7HQ0URP5heQBq%2F6IOzcm1u1KG%2BZ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
842f87554fec8ffe-FRA
footerpic-ac6f0637.svg
yaca.systems/assets/ 		951 KB
680 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yaca.systems/assets/footerpic-ac6f0637.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac6f0637fb13af51a226eb62913ec8d847adfc8d37497fbaabfb6dd333546b56
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"eda20-18ce3c7e109"
x-download-options
noopen, noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JZMD0qqcTrizRhYW5gTaXGTAXk5pp4A39JAjzuOJLwip8TRBC116MppjSYa6RG7k8gDiL7Sis8%2B1YWHk%2BHh7Hwn19gWzjlbeYehwhT54A4aG9gTOdjj1JvpLZlSmvOvhOxnH%2FsImnIHdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
842f87554fee8ffe-FRA
hexagon-f1966908.svg
yaca.systems/assets/ 		96 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yaca.systems/assets/hexagon-f1966908.svg
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-39d0513d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1966908fd4bae00422972e465a5dbbda816342e91183908b4a49393825db8bf
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"1815a-18ce3c7e10d"
x-download-options
noopen, noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L99NIbbkNASvWHasufQFandZEpDIUPq3nsIpbelhrVS04FTbR7JcDnqOUjt4R4smwAtWG1MnCRGY8UVSYIVb9mex%2FmUpQVDUvLYTfnG441qXHJaZDi4kRI1gahjDjLC9yhJGJQh4k6DCOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
842f87554ff18ffe-FRA
logo-b9da84fe.svg
yaca.systems/assets/ 		272 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yaca.systems/assets/logo-b9da84fe.svg
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-39d0513d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9da84fef1b6da7ff6d060734c9885435b384d66ab6e86f705a3f1c00a2e59e6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"43ebd-18ce3c7e111"
x-download-options
noopen, noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30lZdYKKtpa7jl1mqOYV3xe8s8IN6b%2BGexIOdSMwJescUN6ZKuph20wtxqOG93jPHlOskTwjH1uIoLo%2FDv2eKA9G8an65X2NNoW41S7zodateMD%2FYfmEX2iw3xLT3HtfCXTk1EsdFEV2cA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
842f87554ff28ffe-FRA
us-ef4d2e6e.svg
yaca.systems/assets/ 		651 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yaca.systems/assets/us-ef4d2e6e.svg
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-39d0513d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4d2e6e3e54adf45621fb59ee5e9ef1fdde0566e03976acc8cb872894fee720
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"28b-18ce3c7e11d"
x-download-options
noopen, noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Gzk92bWSnudX6MvPU5PL341xAtARmcLeDOHvfTU9S5S6sq%2Fk4o3frSUruSwBEZi0oXCiYIXV4vbCczI7lR2Z1MH0nmmJNgg%2Bl2XWbgWn8aYnKxdI4dC2hNGZkCjYraWTXKPzHZi5L%2Bi8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
public, max-age=0
cf-ray
842f87554ff38ffe-FRA
Franklin_Gothic_Demi-cfd1bb2c.ttf
yaca.systems/assets/ 		140 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yaca.systems/assets/Franklin_Gothic_Demi-cfd1bb2c.ttf
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-39d0513d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd1bb2c9b0e8b624952288acf9bdadaa64e52bc846e4720e2f0653359e5b8c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://yaca.systems
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"22e54-18ce3c7e0f5"
x-download-options
noopen, noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21VQjd59Vym3APeS9sfpK%2FWdXVKtzoUayiKZc76bgkCEAe8eKnLabhfG2Vbn3LuQ3f3tEbCxcAohQQLQcVDCcmdLjvR%2Blk1lDODEQuCed%2FQK4ecKqWDsEmTiWnEVrTSMczxt06mGdqB7JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
public, max-age=0
cf-ray
842f87554ff58ffe-FRA
fa-solid-900-417c616e.woff2
yaca.systems/assets/ 		323 KB
325 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yaca.systems/assets/fa-solid-900-417c616e.woff2
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-39d0513d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417c616e19d66e8bccb08ec8c47415c7f815453580e13ee9c58eb56f9ff6eccf
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://yaca.systems
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
330908
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"50c9c-18ce3c7e101"
x-download-options
noopen, noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z79yvn%2FI5yVtTIlX7spJorULom65KqbyZqKiuDPELmA7Hz2AsJzRyXYRgDs%2F8RlwyLyhSA6YmdDTLGqLfs8XaDEnVk91%2FcpJJc2YYINYAPra1EUmb%2FFOipBOSgVnJ9kU%2FEj0CfwDPF2Fzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
842f87554ff68ffe-FRA
fa-brands-400-e67a9188.woff2
yaca.systems/assets/ 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yaca.systems/assets/fa-brands-400-e67a9188.woff2
Requested by
Host: yaca.systems
URL: https://yaca.systems/assets/index-39d0513d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67a91887d60a057bdafacae5e526d49d57c7653856785d6502321070b605e3c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://yaca.systems
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:46:15 GMT
content-security-policy
default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
BYPASS
x-permitted-cross-domain-policies
none, none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
content-length
105068
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 07 Jan 2024 11:56:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"19a6c-18ce3c7e0fd"
x-download-options
noopen, noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSVgmkCL5NpC2wD7V49RTABOZhT%2BSAA6oSqlNiE3bMRfM60soc%2FKt64%2FTJoMsYBAMdeCiqQsQdiU8DnC8KS%2FSw%2BursWqe0Asj7v1Ta0bWydv1UTPQRRhn%2BS6XPicYfFlUwj2Req291ZaFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
842f87554ff78ffe-FRA
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 2218 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-29.mxp64.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
553
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 20:37:04 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-id
dZrEgIPe8nc6FZsVId6yOrwLBQgktwZUwsCJu0i4bpcn9cHVwkming==
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-d1cd3e94a5430431bc215e394dc3220f.html
js.stripe.com/v3/ Frame 1059 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-29.mxp64.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
35
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 20:45:42 GMT
etag
"d1cd3e94a5430431bc215e394dc3220f"
last-modified
Mon, 08 Jan 2024 21:41:43 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7547a9346c879171aa25dbfdda694b20.cloudfront.net (CloudFront)
x-amz-cf-id
6otkrc7uGFCBGHoy78ssw2U6Ki41-w16ikj0LUo95Z4RBex_MUphiA==
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| __cfQR boolean| __cfRLUnblockHandlers function| initCookieConsent object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE__ boolean| _cookieconsent object| dataLayer function| gtag boolean| ga-disable-G-DHN1KTCC8W object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| webpackChunkStripeJSouter function| noop function| Stripe

4 Cookies

Domain/Path Name / Value
yaca.systems/ Name: yaca_website
Value: HQaYCLzCTGaV6M6Ssv7OKyerV8WrfMvK.j%2F1KCPnGW9bs7Jjac250oiCJTzVd8xFQRhe%2BjgrVa6Q
m.stripe.com/ Name: m
Value: 30fa6e54-22e1-4178-93c0-aaf5268c6e504d822b
.yaca.systems/ Name: __stripe_mid
Value: 311d6404-7319-4413-af5d-01fbce8538e65b1947
.yaca.systems/ Name: __stripe_sid
Value: 8e240765-4739-48cc-856c-577493425c016c1961

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.google-analytics.com/;script-src 'self' 'unsafe-eval' https://csp-reporting.cloudflare.com/ https://js.stripe.com/v3 https://js.stripe.com/v3/ https://www.googletagmanager.com/ https://challenges.cloudflare.com/;frame-src 'self' https://www.youtube.com/ https://js.stripe.com/ https://challenges.cloudflare.com/;img-src 'self' data: * blob: 'unsafe-inline';worker-src 'self' blob:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0 1; mode=block