app.caya.com Open in urlscan Pro
2a05:d014:58f:6201::64 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.caya.com/
Submission: On June 23 via api (June 23rd 2024, 12:46:59 am UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 51 HTTP transactions. The main IP is 2a05:d014:58f:6201::64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is app.caya.com.
TLS certificate: Issued by R3 on May 11th 2024. Valid for: 3 months.

This is the only time app.caya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2a05:d014:58f... 2a05:d014:58f:6201::64	16509 (AMAZON-02) (AMAZON-02)
1	146.185.171.17 146.185.171.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7047::	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:9ad3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.203.90.127 116.203.90.127	24940 (HETZNER-AS) (HETZNER-AS)
4	172.67.135.90 172.67.135.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2251:9a00:1e:14d2:6dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:8200:1e:14d2:6dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	99.81.160.215 99.81.160.215	16509 (AMAZON-02) (AMAZON-02)
1	35.160.35.184 35.160.35.184	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.69 18.245.86.69	16509 (AMAZON-02) (AMAZON-02)
2	35.82.39.1 35.82.39.1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
1	2600:9000:276... 2600:9000:2761:1400:6:25cd:c280:93a1	16509 (AMAZON-02) (AMAZON-02)
51	20

18 2a05:d014:58f:6201::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

app.caya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.171.17 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7047:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

rum.browser-intake-datadoghq.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9ad3 (United States)

ASN13335 (CLOUDFLARENET, US)

caya.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.90.127 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.127.90.203.116.clients.your-server.de

consent.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.135.90 (United States)

ASN13335 (CLOUDFLARENET, US)

run.louassist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.louassist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.louassist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:9a00:1e:14d2:6dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:8200:1e:14d2:6dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.160.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-160-215.eu-west-1.compute.amazonaws.com

api.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.35.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-35-184.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-69.fra60.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.82.39.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-39-1.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2761:1400:6:25cd:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)

viewer.louassist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	caya.com app.caya.com	686 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 1789	60 KB
5	louassist.com run.louassist.com — Cisco Umbrella Rank: 264570 api.louassist.com — Cisco Umbrella Rank: 110817 cdn.louassist.com — Cisco Umbrella Rank: 252651 viewer.louassist.com — Cisco Umbrella Rank: 144580	134 KB
4	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 642 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 487	1 KB
4	refiner.io js.refiner.io — Cisco Umbrella Rank: 73847 api.refiner.io — Cisco Umbrella Rank: 41984	21 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3971 api.amplitude.com — Cisco Umbrella Rank: 2330	18 KB
2	refersion.com caya.refersion.com	3 KB
2	browser-intake-datadoghq.eu rum.browser-intake-datadoghq.eu — Cisco Umbrella Rank: 11739	498 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	208 KB
2	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 24176 consent.cookie-script.com — Cisco Umbrella Rank: 42643	36 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1325	173 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355	253 B
1	gstatic.com www.gstatic.com	15 KB
51	13

	Domain	Requested by
18	app.caya.com	app.caya.com
6	cdn.segment.com	app.caya.com cdn.segment.com
2	firebaseremoteconfig.googleapis.com	app.caya.com
2	api.amplitude.com	app.caya.com
2	api.louassist.com	app.caya.com
2	api.refiner.io	app.caya.com
2	firebaseinstallations.googleapis.com	app.caya.com
2	js.refiner.io	www.googletagmanager.com js.refiner.io
2	caya.refersion.com	www.googletagmanager.com caya.refersion.com
2	rum.browser-intake-datadoghq.eu	app.caya.com
2	www.googletagmanager.com	app.caya.com www.googletagmanager.com
1	viewer.louassist.com	cdn.louassist.com
1	cdn.louassist.com	run.louassist.com
1	cdn.amplitude.com	cdn.segment.com
1	api.segment.io	app.caya.com
1	region1.google-analytics.com	www.googletagmanager.com
1	run.louassist.com	www.googletagmanager.com
1	consent.cookie-script.com	app.caya.com
1	www.gstatic.com	app.caya.com
1	cdn.cookie-script.com	app.caya.com
51	20

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com
www.caya.com

Subject Issuer	Validity	Valid
app.caya.com R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.browser-intake-datadoghq.eu DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-14` - `2025-05-17`	a year	crt.sh
refersion.com E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
louassist.com E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
js.refiner.io Amazon RSA 2048 M02	`2023-09-27` - `2024-10-24`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
api.refiner.io Amazon RSA 2048 M03	`2024-04-21` - `2025-05-20`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
*.louassist.com Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://app.caya.com/
Frame ID: C2C93EA5E0A177D8825A2912F975371C
Requests: 48 HTTP requests in this frame

Frame: https://js.refiner.io/v001/render/index.html
Frame ID: 148355BE3B1F723B39190072D487B5E4
Requests: 1 HTTP requests in this frame

Frame: https://viewer.louassist.com/?folderId=null&companyId=945152563467
Frame ID: EE3F9ED12AC118E76D0BFFE6F89FEB14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Caya Document Cockpit

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

LOU (User Onboarding) Expand

Overall confidence: 100%
Detected patterns

cdn\.louassist\.com*

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

51
Requests

100 %
HTTPS

53 %
IPv6

13
Domains

20
Subdomains

20
IPs

4
Countries

1182 kB
Transfer

3704 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=de.amnds.caya

Search URL Search Domain Scan URL

URL: https://apps.apple.com/de/app/caya-briefe-digital-empfangen/id1269118470

Search URL Search Domain Scan URL

URL: https://www.caya.com/legals/datenschutzerklarung
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
app.caya.com/ 7 KB
4 KB 83ms
21ms Document
text/html 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

cd90176c6d062ddb5912a695168ee8d1d8aec0bef4406ec6b64a0fc20f714358

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 41957
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-length: 2225
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-type: text/html; charset=UTF-8
date: Sun, 23 Jun 2024 00:46:54 GMT
etag: "903814590e70993545bbf25f6199e36e-ssl-df"
frame-ancestors: none
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY
x-nf-request-id: 01J118YV3M3BKZD6EYQZGRWA6D

GET
H2 200 3368cfb0bd3f015652603a3f83a35664.js Show response
cdn.cookie-script.com/s/ 228 KB
36 KB 88ms
26ms Script
application/javascript 146.185.171.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/3368cfb0bd3f015652603a3f83a35664.js
Requested by: Host: app.caya.com
URL: https://app.caya.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.171.17 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bb994120ffec62261cf84fbff3a41a9dec5201ce0997b649601ec41eb41c66f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:54 GMT
content-encoding: gzip
last-modified: Sat, 04 May 2024 04:39:43 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"8b1cbd6647cb784306970db6669b7c51"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 styles.f1344d79c7f13256.css
app.caya.com/ 1 KB
734 B 22ms
21ms Stylesheet
text/css 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/styles.f1344d79c7f13256.css

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

62e058526f3e527f9529e08343a3b2bec4211063678b86b92b51fe4cc7d8cac6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YV4FKB5JGN5PFTHY51QD
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 618
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "3fc1f201ebcdc0806ef9a5540b1d449b-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 vendor.248bf5866e2c2f60.css
app.caya.com/ 3 KB
1 KB 26ms
24ms Stylesheet
text/css 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/vendor.248bf5866e2c2f60.css

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

1be25fe6a7dce7a728f49128346ab28105ca3546094dca863f08303000ba0105

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YV4FWQXBTZHFTWZWZWQX
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 1030
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "b4eb879a3aefc9de1b26cd0a9f9b133a-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 runtime.acb4820d3f505f7e.js Show response
app.caya.com/ 5 KB
3 KB 24ms
23ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/runtime.acb4820d3f505f7e.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

2d4543220a6858b4b549ee63d78d11f023166e0260bb2a97f52e6c69a08b4142

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YV4G3EVH3HWGZ4EY3PRR
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 2720
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "f709c29badee475d8fad21fa90349c0d-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 polyfills.a598fa0d018e21ff.js Show response
app.caya.com/ 100 KB
35 KB 26ms
25ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/polyfills.a598fa0d018e21ff.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d2ea5c176d1f90254c0034683c214c5c1a59498fdbf22362239eb4d590223e47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YV4GZMNJJ4V2RMCHRF0Y
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 35827
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "f1447c9b3e9f6f29074b579c8446d19a-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 styles.ad37f2c0a7874dc3.js Show response
app.caya.com/ 138 B
255 B 23ms
22ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/styles.ad37f2c0a7874dc3.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d12b00be4d69a685e6a3b32a32fd5cfd7297727581f527deac5b91e43425a32d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YV4GK81T65ERN7P09VH2
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
date: Sun, 23 Jun 2024 00:46:54 GMT
frame-ancestors: none
strict-transport-security: max-age=31536000
server: Netlify
age: 99258
cache-status: "Netlify Edge"; hit
etag: "3aa71a45cf75feca52e52349853e07ae-ssl"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 138

GET
H2 200 vendor.900deb4246c8289d.js Show response
app.caya.com/ 927 KB
264 KB 46ms
46ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/vendor.900deb4246c8289d.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

0fac6482c047036b4fb08e0e1cc328076859f8987a248b9a6e810cd4b6e4af84

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YV4GCRF4ESDH234VY711
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 270243
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "8cec048a1914c28e5e2bb226815329e4-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 main.d3574b3cc801a203.js Show response
app.caya.com/ 473 KB
106 KB 81ms
81ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/main.d3574b3cc801a203.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

099aa7e20fc7cc9e222cfd746d2e09ac5f324c1ae9cf40038d920317874ccdbe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YV4GHFPAAH8AF83XS8SY
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 108232
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "ee9aaa3f398e948debcefdceffc92580-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/kY2RGNSz6RDJm50Z4hJR1icrn4QkX1I9/ 103 KB
28 KB 676ms
612ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/kY2RGNSz6RDJm50Z4hJR1icrn4QkX1I9/analytics.min.js
Requested by: Host: app.caya.com
URL: https://app.caya.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8467b0356c3893539c2f91afca75009905bff7de52929ab1fe408cbebc7d268c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: y6HG3qiOrqa5rRVt2QEu_QiLWYzEy2jL
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
date: Sun, 23 Jun 2024 00:46:55 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 May 2024 23:29:54 GMT
server: AmazonS3
etag: W/"30b7cde09f58e2cd2df7ccb3741813c8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: idC8zebplNctzpUlGXv5e8o7240EZ75YTkMvDKjhtciEYaOw3SSDbg==

GET
H2 200 firebase-performance-standalone.js Show response
www.gstatic.com/firebasejs/7.14.5/ 47 KB
15 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.14.5/firebase-performance-standalone.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ce7b51349994deec0b4f0f89fe6fcab182e9282b5b76ee3989c2806fa38624b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14350
x-xss-protection: 0
last-modified: Thu, 21 May 2020 21:27:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 14:57:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
94 KB 94ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5LL6CZ&gtm_auth=ljRAR3WEWcMeZ8IYntctTg&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46f8ac2f017719bd8b960d103fda55e08ad52cd61c8a39f26b4a5119a1f2ea22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95859
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 197.5cdaa5b8f2bc4955.js Show response
app.caya.com/ 1 KB
2 KB 21ms
21ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/197.5cdaa5b8f2bc4955.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/runtime.acb4820d3f505f7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

625e9cc195b59f93041a611eda74a2e0f956fac64434df2c4442f0c04f91f7ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVAS4M8NQRD4SPBA2248
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 44694
content-length: 523
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "aa5a15c40bb00c2a2f78a0dc3ff3fd18-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 990.1d1373f720271bc0.js Show response
app.caya.com/ 238 KB
68 KB 24ms
24ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/990.1d1373f720271bc0.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/runtime.acb4820d3f505f7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

185519e0431a1da9491354cc456bc583bb102836bbe108ee63a889863729f82f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVAV8X9TTSP5FV4KX7E7
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 69152
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "356629e54f25aa36be87c51e92c96c4f-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 157.d78f7ae59ce91c9c.js Show response
app.caya.com/ 23 KB
8 KB 23ms
23ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/157.d78f7ae59ce91c9c.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/runtime.acb4820d3f505f7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

39bf571527a8d275e138755461efaf01f8042a797ce99a9eaaaeb14df0873e13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVAV56VKE0DHV34YGX5F
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 7771
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "5dac3ec38d67307dce592bebb7376dfe-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 888.57d5bfac72bd5758.js Show response
app.caya.com/ 61 KB
15 KB 23ms
23ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/888.57d5bfac72bd5758.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/runtime.acb4820d3f505f7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

41d0132843fbeae2e6e1e557eee2b3cd7819f4790b60ccea3ebf077521865503

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVAVCYBET7SSVBEMF24D
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 15330
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "a1d770dfcf17bb17a9a3d7a57e48c8de-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 803.c569c867902758a8.js Show response
app.caya.com/ 38 KB
10 KB 22ms
22ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/803.c569c867902758a8.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/runtime.acb4820d3f505f7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

62d040f261db22ccf304bfb2a42801e036b13b72af19c2330c68fa81cd1d74f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVAVSBB45RQY950Y44EA
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99258
content-length: 9974
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "6b5733b7a50d36d68faffe76d384536e-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 cayan-running-white-500.gif
app.caya.com/assets/rebrand/icons/ 65 KB
65 KB 24ms
23ms Image
image/gif 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.caya.com/assets/rebrand/icons/cayan-running-white-500.gif

Requested by

Host: app.caya.com
URL: https://app.caya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ebde55822d2ad1d9c4b114fc199d31c3037feed2d0dfab6d9d3252181dc3e4c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVAYKYVV75W015FTKTN1
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
date: Sun, 23 Jun 2024 00:46:54 GMT
frame-ancestors: none
strict-transport-security: max-age=31536000
server: Netlify
age: 104560
cache-status: "Netlify Edge"; hit
etag: "8b9b346639bb62fbf846ee6e4f9c4056-ssl"
x-frame-options: DENY
content-type: image/gif
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 66294

GET
H2 200 810.554354a5de36f1fe.js Show response
app.caya.com/ 36 KB
11 KB 23ms
22ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/810.554354a5de36f1fe.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/runtime.acb4820d3f505f7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5bb357bf076a39ef01b07dc33a39acef5a99a4c6ad271832a46f405221d272ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVB6YN542VSXY9SNY4D6
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99257
content-length: 11137
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "eee6b234c5a56d4a66f7253a49fbec15-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 266.8ee4a0aa12cd9238.js Show response
app.caya.com/ 219 KB
60 KB 23ms
23ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/266.8ee4a0aa12cd9238.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/runtime.acb4820d3f505f7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

91dd3b32d12baccf26b0ed9d9ad30f26e4cae633ec252dda48f2a3a93b8a45b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVB78ND9NA8HAFE9EZ70
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 99257
content-length: 60329
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "2f8d7d246c321ebec46e2aa97933806a-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H2 200 735.b25d94297a4a4e3c.js Show response
app.caya.com/ 138 KB
31 KB 21ms
21ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/735.b25d94297a4a4e3c.js

Requested by

Host: app.caya.com
URL: https://app.caya.com/runtime.acb4820d3f505f7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

22b5c3c2bdf6fe62fdcf6d94371ba8b095406fc0ed65d0d4f1753734d82fa407

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Origin: https://app.caya.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVB7S5KN6ZT6WFXA1B8S
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
content-encoding: br
frame-ancestors: none
date: Sun, 23 Jun 2024 00:46:54 GMT
strict-transport-security: max-age=31536000
age: 44694
content-length: 31403
server: Netlify
cache-status: "Netlify Edge"; hit
etag: "28caa86c179edba6c680d03da1fe6cb9-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.eu/api/v2/ 53 B
350 B 104ms
55ms Fetch
application/json 2600:1901:0:7047::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aweb-app%2Cversion%3A5.19.2&dd-api-key=pub7543c2b42153fd205d3bda29681296a5&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=ca51ab22-0723-4929-99bb-662e5d7cd6eb&batch_time=1719103614379

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

95f5e1ace04699ba8fa71603fad1b6b887597ad903e6c460e2ebb61b4e4ab6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 23 Jun 2024 00:46:54 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
via: 1.1 google
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
dd-request-id: ca51ab22-0723-4929-99bb-662e5d7cd6eb

GET
H2 200 pub_0cdb5bf5c2fa91513b41.js Show response
caya.refersion.com/tracker/v3/ 643 B
769 B 98ms
37ms Script
application/javascript 2606:4700:4400::ac40:9ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://caya.refersion.com/tracker/v3/pub_0cdb5bf5c2fa91513b41.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5LL6CZ&gtm_auth=ljRAR3WEWcMeZ8IYntctTg&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0914f355375a0ce681879a7d2df0e930184a7dfa63db00daa3371648822d6454

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:54 GMT
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'none';
content-encoding: gzip
cf-cache-status: HIT
x-server-name: caya.refersion.com
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 3090
cf-polished: origSize=648
cf-bgj: minify
server: cloudflare
last-modified: Sat, 22 Jun 2024 23:55:24 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 898076b6ad529150-FRA
expires: Sun, 23 Jun 2024 01:46:54 GMT

GET
H2 200 pub_0cdb5bf5c2fa91513b41.js Show response
caya.refersion.com/tracker/v3/merchant/ 7 KB
2 KB 41ms
41ms Script
application/javascript 2606:4700:4400::ac40:9ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://caya.refersion.com/tracker/v3/merchant/pub_0cdb5bf5c2fa91513b41.js?v=93

Requested by

Host: caya.refersion.com
URL: https://caya.refersion.com/tracker/v3/pub_0cdb5bf5c2fa91513b41.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac587537e3e114f909f0ff4df30d78c26811c7d2fdc82d366fbf66fce2513818

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:54 GMT
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'none';
content-encoding: gzip
cf-cache-status: HIT
x-server-name: caya.refersion.com
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 2604
cf-polished: origSize=7021
cf-bgj: minify
server: cloudflare
last-modified: Sun, 23 Jun 2024 00:03:30 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 898076b6ed7c9150-FRA
expires: Sun, 23 Jun 2024 01:46:54 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/kY2RGNSz6RDJm50Z4hJR1icrn4QkX1I9/ 2 KB
1 KB 71ms
24ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/kY2RGNSz6RDJm50Z4hJR1icrn4QkX1I9/settings
Requested by: Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42892b4eb13a5f1275269065236d8be9a6d4d405e43c31ee7f2ebdff51ac471b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vxCRlPO_iEtnWXIVYthab08cI.FSpbjY
content-encoding: br
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
date: Sun, 23 Jun 2024 00:27:07 GMT
x-amz-cf-pop: FRA6-C1
age: 1188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Jun 2023 16:47:58 GMT
server: AmazonS3
etag: W/"9887ffd9591bfa770c78f39749eff3d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: zbcTsmPEkNX8GzeN4l0xdXvyrpdfDIQt3CZxLtgTvFW1lD_gEkZdEQ==

GET
H2 200 analytics Show response
consent.cookie-script.com/ 47 B
454 B 366ms
309ms XHR
application/json 116.203.90.127
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1719103614788&script=3368cfb0bd3f015652603a3f83a35664&category=
Requested by: Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.203.90.127 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.127.90.203.116.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e46a82919186fb474917e7a6c27594fe7ba0b725462288bd0373070f21f18bd6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
x-amzn-trace-id: Root=1-6677707e-349877c304fb98b91cd6434d;Parent=002386229c7bb615;Sampled=0;lineage=a8669a4e:0
x-amzn-requestid: b163e79c-ba54-4cc1-b908-745ee51d325d
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: Zy6D3ERXjoEEFFQ=
content-length: 47
x-amz-cf-id: Vv9jL61QET3GxgtjinJWQpnH8JNfa3lcRAzAyGg-Nea9JFe8I3ZEfQ==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 v2.5.1-m Show response
run.louassist.com/ 3 KB
2 KB 99ms
53ms Script
text/javascript 172.67.135.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://run.louassist.com/v2.5.1-m?id=945152563467
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5LL6CZ&gtm_auth=ljRAR3WEWcMeZ8IYntctTg&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 011212f2fd4d8ef1a8aa82adcbbfd224353e49ba45ee2cb8974251130a04cada

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:54 GMT
via: 1.1 79d85d2de1f5aa38558ef6bab6274390.cloudfront.net (CloudFront)
content-encoding: zstd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P9
age: 72218
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Nov 2020 07:19:36 GMT
server: cloudflare
etag: W/"5c39b78a21e30efcef352f61d1759b5e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFi9UE4XuCtJCUVhwvNf6jxIlGGVY5FIWe%2BoRKmIxTrDQ4AoP2%2B6EOLw1dINHBPVepjGO%2FtFoy3EgddCpAiZYKtGHVa2UfZNESlVWacjJF6hozMUHqavvkyA7dkjDKF7BLUjSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 898076b8d9696934-FRA
x-amz-cf-id: yt8V-Fv-oarzgVeSc1l0o1AH5A3Tgeq2YFng9_GfSjj2pGNU8iuzOA==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 338 KB
114 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-EX7KKSJ6MR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5LL6CZ&gtm_auth=ljRAR3WEWcMeZ8IYntctTg&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b69473febd33d32587ff87f1e959bb2061f24d780095e37c772c2915b7ed54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 116223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 00:46:54 GMT

GET
H2 200 client.js Show response
js.refiner.io/v001/ 55 KB
19 KB 86ms
24ms Script
application/javascript 2600:9000:2251:9a00:1e:14d2:6dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.refiner.io/v001/client.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5LL6CZ&gtm_auth=ljRAR3WEWcMeZ8IYntctTg&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9a00:1e:14d2:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f7260ea1a6c8bf27806b9f9edae291d666f6cb812a3f272bbdb09d91e3f4a08

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: _sJ2l3nP1HLEExqFdvLPTqDZiUYmBqii
content-encoding: gzip
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
date: Sun, 23 Jun 2024 00:35:51 GMT
last-modified: Wed, 19 Jun 2024 14:13:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 679
etag: "11996f3aa4173b86c62448808b9981af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 19150
x-amz-cf-id: cduHDLbGS2-yKFvDAXTfdChXHUiQoH6sMS-LhwwxV9Fyq8CbPp10sA==

GET
H2 200 favicon.png
app.caya.com/ 3 KB
3 KB 20ms
20ms Other
image/png 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.caya.com/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9bdad8ed01fb47a43c1e0140a21a8456aa25e79d73856d56c6214c7fc433830d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J118YVTVHS6D9QEP1M8CV4X1
content-security-policy: default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' *; frame-src 'self' blob: *.appcues.com *.chargebee.com secure.getcaya.com secure.caya.com www.google.com *.refiner.io *.hotjar.com *.workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.appcues.com *.chargebee.com *.googletagmanager.com *.gstatic.com *.segment.com *.segment.io *.xs2a.com *.ads-twitter.com *.amplitude.com *.bing.com *.doubleclick.net *.facebook.com *.facebook.net *.getcaya.com *.caya.com getcaya.com caya.com *.hotjar.com *.google-analytics.com *.google.com *.google.de *.googleadservices.com *.googleapis.com *.googletagmanager.com *.licdn.com *.linkedin.com rapidzebra.io *.rapidzebra.io *.refersion.com *.refiner.io *.t.co *.zdassets.com *.zendesk.com *.zopim.com *.heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com *.workato.com *.louassist.com cdn.firstpromoter.com *.mida.so ; style-src 'self' 'unsafe-inline' *.appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com *.getcaya.com *.caya.com getcaya.com caya.com *.heapanalytics.com heapanalytics.com *.workato.com ; img-src 'self' * blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
date: Sun, 23 Jun 2024 00:46:54 GMT
frame-ancestors: none
strict-transport-security: max-age=31536000
server: Netlify
age: 99258
cache-status: "Netlify Edge"; hit
etag: "8f1b7cd29fe02f01e413efdbcf7a9e5b-ssl"
x-frame-options: DENY
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 2852

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/caya-65f30/ Frame 0
0 99ms
35ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/caya-65f30/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://app.caya.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.caya.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 23 Jun 2024 00:46:54 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/caya-65f30/ 617 B
676 B 387ms
387ms Fetch
application/json 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/caya-65f30/installations

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b7c1b17a8b29d0a735f90f54952ecebffdc6651c8e6970e4c0b292d9b07689e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://app.caya.com/
x-goog-api-key: AIzaSyC2GViCAw1JcOWuBbOW4659rNGODOHGA4E
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.caya.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 485
x-xss-protection: 0

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 22ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/kY2RGNSz6RDJm50Z4hJR1icrn4QkX1I9/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 15:05:40 GMT
x-amz-version-id: 1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5910075
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Apr 2024 21:39:45 GMT
server: AmazonS3
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: d-VPo1Hcd7pNUA1oWBzvQF8szKXUo6SX8i50K5Viw5qoUIcOZCJ6gg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 86ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EX7KKSJ6MR&gtm=45je46j0v869728742z8889394989za200zb889394989&_p=1719103614273&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dMmY1Mm&cid=1653976612.1719103615&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1719103614&sct=1&seg=0&dl=https%3A%2F%2Fapp.caya.com%2Flogin&dt=Caya%20Document%20Cockpit&en=identify_customer&_fv=1&_nsi=1&_ss=1&ep.event_id=1719103614800.978707.13&epn.event_time=1719103615&tfd=884&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-EX7KKSJ6MR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 00:46:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.caya.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 21ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/kY2RGNSz6RDJm50Z4hJR1icrn4QkX1I9/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 13 Feb 2024 21:44:05 GMT
x-amz-version-id: GdbKd8UgUP5EXZpDaTRDFeJkJbyj8x6E
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 11242970
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Feb 2024 18:05:05 GMT
server: AmazonS3
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: zcGO3_JD0FwbGwTNqH_i99ZA6Xd3abtKC1J-zIYahe5obnZEWXzR8w==

GET
H2 200 index.html
js.refiner.io/v001/render/ Frame 1483 0
0 59ms
20ms Document
text/html 2600:9000:2251:8200:1e:14d2:6dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.refiner.io/v001/render/index.html
Requested by: Host: js.refiner.io
URL: https://js.refiner.io/v001/client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8200:1e:14d2:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.caya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 4110
content-encoding: gzip
content-length: 304
content-type: text/html; charset=utf-8
date: Sat, 22 Jun 2024 23:38:25 GMT
etag: "2d3196399d5efff63de138b2368cd115"
last-modified: Tue, 18 Jun 2024 12:34:33 GMT
server: AmazonS3
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-cf-id: K53B-GqtPIb4hPx8f7qjU1Jd4bE58LW4B5VNgjyK1DR8SKFUz-3YBQ==
x-amz-cf-pop: FRA60-P3
x-amz-version-id: a0Ih9v9H78hMGxLuwxwDQtu4j16wjnKq
x-cache: Hit from cloudfront

POST
H2 400 identify-user Show response
api.refiner.io/js-client/v1/1220fed0-f5c3-11ea-966d-c5f37e836332/ 177 B
2 KB 54ms
54ms XHR
application/json 99.81.160.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.refiner.io/js-client/v1/1220fed0-f5c3-11ea-966d-c5f37e836332/identify-user

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.160.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-160-215.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f105567d5dc930eafbc18a083e72192cea71526f2e5b6c05f4aacdf2e2d07c6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.caya.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-length: 158
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.52 (Ubuntu)
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=2147483648
vary: Accept-Encoding
x-ratelimit-remaining: 119
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-cache, private, public
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
x-ratelimit-limit: 120
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
x-frame-options: sameorigin

OPTIONS
H2 200 identify-user
api.refiner.io/js-client/v1/1220fed0-f5c3-11ea-966d-c5f37e836332/ Frame 0
0 152ms
51ms Preflight
application/json 99.81.160.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.refiner.io/js-client/v1/1220fed0-f5c3-11ea-966d-c5f37e836332/identify-user

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.160.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-160-215.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.caya.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-cache, private max-age=86400, public
content-length: 0
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
content-type: application/json
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jun 2024 00:46:55 GMT
expect-ct: max-age=2147483648
expires: Mon, 24 Jun 2024 00:46:55 GMT
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.52 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
api.louassist.com/v1/assistant/public/945152563467/script-data/ 49 B
587 B 461ms
411ms Fetch
application/json 172.67.135.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.louassist.com/v1/assistant/public/945152563467/script-data/

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.135.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6666b8ab80e15f9d5669bdc28347ab465290bae49e64579bc5079386b52d7189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
vary: Accept, Origin, Cookie
content-type: application/json
access-control-allow-origin: https://app.caya.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pr9SNcUJeBiyiNiJsufgB84DoNi%2Bi%2B7u1eS4JC%2Bq1sP6eVVHp4Oknv7aLZe36tyZVIeDQvXT1A0gbdFNZ6zYsNo8aXxV5srfWTrco8UbfDzaSAbfwmS6DlrMuDnCoGtikkrUsA%3D%3D"}],"group":"cf-nel","max_age":604800}
allow: OPTIONS, GET
access-control-allow-credentials: true
cf-ray: 898076b98ffc693a-FRA

GET
H2 200 amplitude.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/ 9 KB
4 KB 21ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/kY2RGNSz6RDJm50Z4hJR1icrn4QkX1I9/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06d95e7c78ae4bd7fc58fe29a222697fa4063a83a676d6169b875e8462a253d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Jan 2024 10:21:15 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-version-id: GOr1LF9Ive69E3GeUwWtuF3mWUQiF4d4
x-amz-cf-pop: FRA6-C1
age: 12493539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3181
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "949376aa55c1e7a26572d64a97dbe296"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: WHOZme0gJsQCMAjrJ50tMgLryJ0JjU-9_cD_AlWmf6hM6mvbSDXkqA==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 587ms
195ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://app.caya.com
date: Sun, 23 Jun 2024 00:46:55 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 24ms
24ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/kY2RGNSz6RDJm50Z4hJR1icrn4QkX1I9/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:56:48 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-version-id: HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop: FRA6-C1
age: 6961807
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Fri, 08 Mar 2024 07:35:27 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: ujgoVvrHFbcBb-8ugVNy8TTFumF9-y3Q2Tb50uWPP3nBM6OrBtC9Jw==

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 86ms
24ms Script
application/javascript 18.245.86.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Dec 2023 23:59:15 GMT
content-encoding: gzip
via: 1.1 337ce1d1833905a0473cbaec913a354c.cloudfront.net (CloudFront)
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
x-amz-cf-pop: FRA60-P6
age: 15209261
x-cache: Hit from cloudfront
content-length: 17889
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wrCM0fA5T4j9YKdsh1nYPBSC3_Bjf2aw_kVJIJGu7zVp8OJWcgdDrQ==

POST
H2 200 / Show response
api.amplitude.com/ 7 B
229 B 595ms
202ms XHR
text/html 35.82.39.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.82.39.1 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-39-1.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-6677707f-7c9006eb2eafb4bf0c5b5cf7
content-length: 7

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.eu/api/v2/ 53 B
148 B 99ms
99ms Fetch
application/json 2600:1901:0:7047::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aweb-app%2Cversion%3A5.19.2&dd-api-key=pub7543c2b42153fd205d3bda29681296a5&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=f0f3a028-d108-48a4-9433-4376d931d7d4&batch_time=1719103615266

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

4ce08564d6f9407eed729dd5dff07c5896241a79bef4935a236352b191c46cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 23 Jun 2024 00:46:54 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
via: 1.1 google
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
dd-request-id: f0f3a028-d108-48a4-9433-4376d931d7d4

POST
H3 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/caya-65f30/namespaces/ 1 KB
488 B 216ms
215ms Fetch
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/caya-65f30/namespaces/fireperf:fetch?key=AIzaSyC2GViCAw1JcOWuBbOW4659rNGODOHGA4E

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

ESF /

Resource Hash

1f6eab8f8e8132d2a14a0c6ed530970e8cae1e752b07d84caee5771316d21350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6OTkzNjY3OTM2MjIxOndlYjo4YjQ0YzQ2OTYzMGY2ZjczIiwiZXhwIjoxNzE5NzA4NDE1LCJmaWQiOiJjLVZUWEwyaExNdnhTbUxQdVJkelJwIiwicHJvamVjdE51bWJlciI6OTkzNjY3OTM2MjIxfQ.AB2LPV8wRQIhAJjNut5c4waiPsG5yVCToJzEXwRA62jc_U5ZvL1k_fZzAiB87zbpJx8V26MsPlGSvFx1-2gHiF7lxTwuyHhxXhu_ZQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.caya.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-caya-65f30-fireperf-fetch-486166865
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.caya.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 464
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/caya-65f30/namespaces/ Frame 0
0 43ms
29ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/caya-65f30/namespaces/fireperf:fetch?key=AIzaSyC2GViCAw1JcOWuBbOW4659rNGODOHGA4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://app.caya.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.caya.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 23 Jun 2024 00:46:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 v2.13.8 Show response
cdn.louassist.com/viewer/script/ 131 KB
131 KB 71ms
43ms Script
application/octet-stream 172.67.135.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.louassist.com/viewer/script/v2.13.8
Requested by: Host: run.louassist.com
URL: https://run.louassist.com/v2.5.1-m?id=945152563467
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237e2b59574cdfe177788d2bd5e31a32f96e0d43b8b17dd645df5f03d46e643f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 65333
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 133671
last-modified: Mon, 29 Apr 2024 13:10:46 GMT
server: cloudflare
etag: "4e3b313cec5f1dfaf8cfaea5b7f88eaa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H8vxjrUek19gKxlWklZUI9mNhgRwno9epWyjwH%2FRosfmHJblWwiv4tpzQMgZToWBH0e0JSYLGe7e5Cc78%2Bx5JACq4AEoqQpBOUv3btPzBAJPVtyy0p4%2Fx8h4fCuLl2JhCITU3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 898076bc4b616934-FRA
x-amz-cf-id: -Wbs_2tZfAlkmETLmU4GPGoAPqFJWfr9FD6JNYSJo7DK87aL-qaFJQ==

GET
H3 200 / Show response
api.louassist.com/v1/assistant/public/company-subscription-check/945152563467/ 254 B
647 B 133ms
133ms Fetch
application/json 172.67.135.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.louassist.com/v1/assistant/public/company-subscription-check/945152563467/

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.135.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba02ac463a0bbaaee7cd4f89f305c347573aba2a6dd774236f852a91f7ac5abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
vary: Accept, Origin, Cookie
content-type: application/json
access-control-allow-origin: https://app.caya.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKF3Vty%2BhneM87JyQpsB6Bg9ONFW8jOwBWBuuzS7TIhl4s7ftPoKpCLsclA2u7rU8p6AFBA%2BmA%2F3XIO4r4bq18xGHPzywohIh0JzvukdvwohDJUqassBEiW9CAtDGyacJiVjzg%3D%3D"}],"group":"cf-nel","max_age":604800}
allow: GET, OPTIONS
access-control-allow-credentials: true
cf-ray: 898076bd09cc693a-FRA

GET
H2 200 /
viewer.louassist.com/ Frame EE3F 0
0 266ms
179ms Document
text/html 2600:9000:2761:1400:6:25cd:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://viewer.louassist.com/?folderId=null&companyId=945152563467
Requested by: Host: cdn.louassist.com
URL: https://cdn.louassist.com/viewer/script/v2.13.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:1400:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.caya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 1569898
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=2678400, must-revalidate
content-encoding: gzip
content-type: text/html
date: Sun, 23 Jun 2024 00:46:55 GMT
etag: W/"8d044e0a1a27a91574811b82440e3183"
last-modified: Tue, 04 Jun 2024 20:33:34 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b37bef2041652ba1d4a26e5e191fdc70.cloudfront.net (CloudFront), 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
x-amz-cf-id: fc1J-ALt-VkHBSBSRd00AjNUq2pfc0_cmuMmuOiNNC_T90N-m2WbrQ==
x-amz-cf-pop: SFO5-C1 FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

POST
H2 200 / Show response
api.amplitude.com/ 7 B
228 B 204ms
203ms XHR
text/html 35.82.39.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: app.caya.com
URL: https://app.caya.com/vendor.900deb4246c8289d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.82.39.1 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-39-1.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.caya.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 23 Jun 2024 00:46:55 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-6677707f-304875ec485bec862b4dc8a9
content-length: 7

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.caya.com/	1970-01-20 22:14:55	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_personalization":"targeting","ad_user_data":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"},"bannershown":1}
			.caya.com/	1970-01-20 21:31:44	Name: _dd_s Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.refiner.io/js-client/v1/1220fed0-f5c3-11ea-966d-c5f37e836332/identify-user Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'self' https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; connect-src 'self' ; frame-src 'self' blob: .appcues.com .chargebee.com secure.getcaya.com secure.caya.com www.google.com .refiner.io .hotjar.com .workato.com https://player.vimeo.com https://viewer.louassist.com https://s3.eu-central-1.amazonaws.com/testing-documents.usecaya.com/ https://s3.eu-central-1.amazonaws.com/documents.usecaya.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' .crazyegg.com .appcues.com .chargebee.com .googletagmanager.com .gstatic.com .segment.com .segment.io .xs2a.com .ads-twitter.com .amplitude.com .bing.com .doubleclick.net .facebook.com .facebook.net .getcaya.com .caya.com getcaya.com caya.com .hotjar.com .google-analytics.com .google.com .google.de .googleadservices.com .googleapis.com .googletagmanager.com .licdn.com .linkedin.com rapidzebra.io .rapidzebra.io .refersion.com .refiner.io .t.co .zdassets.com .zendesk.com .zopim.com .heapanalytics.com heapanalytics.com cdn.cookie-script.com cookie-script.com .workato.com .louassist.com cdn.firstpromoter.com .mida.so ; style-src 'self' 'unsafe-inline' .appcues.com fonts.googleapis.com fonts.google.com js.chargebee.com api.xs2a.com .getcaya.com .caya.com getcaya.com caya.com .heapanalytics.com heapanalytics.com .workato.com ; img-src 'self' blob: data:; media-src https://download-video.akamaized.net https://player.vimeo.com 'self'; font-src 'self' fonts.googleapis.com *.workato.com fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
api.louassist.com
api.refiner.io
api.segment.io
app.caya.com
caya.refersion.com
cdn.amplitude.com
cdn.cookie-script.com
cdn.louassist.com
cdn.segment.com
consent.cookie-script.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
js.refiner.io
region1.google-analytics.com
rum.browser-intake-datadoghq.eu
run.louassist.com
viewer.louassist.com
www.googletagmanager.com
www.gstatic.com
116.203.90.127
146.185.171.17
172.217.18.10
172.67.135.90
18.245.86.69
2001:4860:4802:32::36
2600:1901:0:7047::
2600:9000:2251:8200:1e:14d2:6dc0:93a1
2600:9000:2251:9a00:1e:14d2:6dc0:93a1
2600:9000:2761:1400:6:25cd:c280:93a1
2606:4700:4400::ac40:9ad3
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
2a00:1450:4001:830::2008
2a05:d014:58f:6201::64
35.160.35.184
35.82.39.1
99.81.160.215
99.86.8.175
011212f2fd4d8ef1a8aa82adcbbfd224353e49ba45ee2cb8974251130a04cada
06d95e7c78ae4bd7fc58fe29a222697fa4063a83a676d6169b875e8462a253d9
0914f355375a0ce681879a7d2df0e930184a7dfa63db00daa3371648822d6454
099aa7e20fc7cc9e222cfd746d2e09ac5f324c1ae9cf40038d920317874ccdbe
0fac6482c047036b4fb08e0e1cc328076859f8987a248b9a6e810cd4b6e4af84
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
185519e0431a1da9491354cc456bc583bb102836bbe108ee63a889863729f82f
1b69473febd33d32587ff87f1e959bb2061f24d780095e37c772c2915b7ed54a
1b7c1b17a8b29d0a735f90f54952ecebffdc6651c8e6970e4c0b292d9b07689e
1be25fe6a7dce7a728f49128346ab28105ca3546094dca863f08303000ba0105
1f6eab8f8e8132d2a14a0c6ed530970e8cae1e752b07d84caee5771316d21350
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
22b5c3c2bdf6fe62fdcf6d94371ba8b095406fc0ed65d0d4f1753734d82fa407
237e2b59574cdfe177788d2bd5e31a32f96e0d43b8b17dd645df5f03d46e643f
2ce7b51349994deec0b4f0f89fe6fcab182e9282b5b76ee3989c2806fa38624b
2d4543220a6858b4b549ee63d78d11f023166e0260bb2a97f52e6c69a08b4142
30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
39bf571527a8d275e138755461efaf01f8042a797ce99a9eaaaeb14df0873e13
3f7260ea1a6c8bf27806b9f9edae291d666f6cb812a3f272bbdb09d91e3f4a08
41d0132843fbeae2e6e1e557eee2b3cd7819f4790b60ccea3ebf077521865503
42892b4eb13a5f1275269065236d8be9a6d4d405e43c31ee7f2ebdff51ac471b
46f8ac2f017719bd8b960d103fda55e08ad52cd61c8a39f26b4a5119a1f2ea22
4ce08564d6f9407eed729dd5dff07c5896241a79bef4935a236352b191c46cdd
5bb357bf076a39ef01b07dc33a39acef5a99a4c6ad271832a46f405221d272ba
625e9cc195b59f93041a611eda74a2e0f956fac64434df2c4442f0c04f91f7ab
62d040f261db22ccf304bfb2a42801e036b13b72af19c2330c68fa81cd1d74f6
62e058526f3e527f9529e08343a3b2bec4211063678b86b92b51fe4cc7d8cac6
6666b8ab80e15f9d5669bdc28347ab465290bae49e64579bc5079386b52d7189
712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de
8467b0356c3893539c2f91afca75009905bff7de52929ab1fe408cbebc7d268c
91dd3b32d12baccf26b0ed9d9ad30f26e4cae633ec252dda48f2a3a93b8a45b3
95f5e1ace04699ba8fa71603fad1b6b887597ad903e6c460e2ebb61b4e4ab6a8
9bdad8ed01fb47a43c1e0140a21a8456aa25e79d73856d56c6214c7fc433830d
ac587537e3e114f909f0ff4df30d78c26811c7d2fdc82d366fbf66fce2513818
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
ba02ac463a0bbaaee7cd4f89f305c347573aba2a6dd774236f852a91f7ac5abc
bb994120ffec62261cf84fbff3a41a9dec5201ce0997b649601ec41eb41c66f0
cd90176c6d062ddb5912a695168ee8d1d8aec0bef4406ec6b64a0fc20f714358
d12b00be4d69a685e6a3b32a32fd5cfd7297727581f527deac5b91e43425a32d
d2ea5c176d1f90254c0034683c214c5c1a59498fdbf22362239eb4d590223e47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46a82919186fb474917e7a6c27594fe7ba0b725462288bd0373070f21f18bd6
ebde55822d2ad1d9c4b114fc199d31c3037feed2d0dfab6d9d3252181dc3e4c7
f105567d5dc930eafbc18a083e72192cea71526f2e5b6c05f4aacdf2e2d07c6a

app.caya.com Open in urlscan Pro 2a05:d014:58f:6201::64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

53 %IPv6

13 Domains

20 Subdomains

20 IPs

4 Countries

1182 kBTransfer

3704 kBSize

2 Cookies

3 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.caya.com Open in urlscan Pro
2a05:d014:58f:6201::64 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

53 %
IPv6

13
Domains

20
Subdomains

20
IPs

4
Countries

1182 kB
Transfer

3704 kB
Size

2
Cookies

51 HTTP transactions
2 data transactions