Submitted URL: https://yope-cosmetics.user.com/
Effective URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Submission: On October 21 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 58 HTTP transactions. The main IP is 2606:4700:10::ac43:2682, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.user.com.
TLS certificate: Issued by WE1 on October 6th 2024. Valid for: 3 months.
This is the only time app.user.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
33 user.com
yope-cosmetics.user.com
app.user.com
register-static.user.com
support.user.com
widget.user.com — Cisco Umbrella Rank: 160131
app-analytics.user.com
media.user.com — Cisco Umbrella Rank: 274725
eu.user.com Failed
1001 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
426 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
993 B
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
552 B
1 userengage.com
app.userengage.com
80 B
1 gstatic.com
www.gstatic.com
218 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
58 9
Domain Requested by
12 register-static.user.com app.user.com
register-static.user.com
10 www.googletagmanager.com app.user.com
www.googletagmanager.com
www.google-analytics.com
7 widget.user.com app.user.com
support.user.com
4 region1.google-analytics.com www.googletagmanager.com
4 support.user.com 1 redirects support.user.com
3 media.user.com app.user.com
3 app-analytics.user.com app.user.com
app-analytics.user.com
3 www.google.com app.user.com
www.gstatic.com
3 app.user.com app.user.com
static.cloudflareinsights.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.de app.user.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 app.userengage.com 1 redirects
1 www.gstatic.com www.google.com
1 static.cloudflareinsights.com app.user.com
1 yope-cosmetics.user.com 1 redirects
0 eu.user.com Failed
58 18

This site contains no links.

Subject | Issuer | Validity | Valid
user.com | WE1 | 2024-10-06 - 2025-01-04 | 3 months
*.google.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
cloudflareinsights.com | WE1 | 2024-09-03 - 2024-12-02 | 3 months
*.google-analytics.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
*.gstatic.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
app-analytics.user.com | E6 | 2024-09-20 - 2024-12-19 | 3 months
*.g.doubleclick.net | WR2 | 2024-09-30 - 2024-12-23 | 3 months
*.google.de | WR2 | 2024-09-30 - 2024-12-23 | 3 months

This page contains 6 frames:

Primary Page: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Frame ID: BD35ACB868FD1B55DFDCF6F7B9FA5877
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=sg3rsjnrf5c2
Frame ID: 837B06E69FDC5A0AEA4861C99DF7DADA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=aR-zv8WjtWx4lAw-tRCA-zca&size=normal&cb=s2ncgcobw5f6
Frame ID: DB3A996FBE312A290AD1B6C0A312A2CC
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4a90/sw_iframe.html?origin=https%3A%2F%2Fapp.user.com
Frame ID: 061767B3DD84B9709EE3360B248AC5BE
Requests: 1 HTTP requests in this frame

Frame: https://media.user.com/avatars/unnamed_oYzkEAb.jpg
Frame ID: 7BEEEAE7E8718602492A8ACAF12604AE
Requests: 1 HTTP requests in this frame

Frame: https://media.user.com/avatars/eGWZ1xgLoiaO0k8VknVIUdsWjhMPiXW2.png
Frame ID: 5B5E72117DCF1D8C4A641CB287ACCFAC
Requests: 2 HTTP requests in this frame

Page Title

User.com | Login - User.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 58
HTTPS: 91 %
IPv6: 83 %
Domains: 9
Subdomains: 18
IPs: 12
Countries: 4
Transfer: 1674 kB
Size: 4771 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yope-cosmetics.user.com/ HTTP 302
    https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://support.user.com/widget.js HTTP 301
  • https://widget.user.com/widget.js
Request Chain 34
  • https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png HTTP 301
  • https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.user.com/accounts/login/
Redirect Chain
  • https://yope-cosmetics.user.com/
  • https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
8 KB
3 KB
Document
General
Full URL
https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9117817069a432490f0926a5f824af2f02563aff179d13f87366151f56ba49e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
8d60c4447db1190b-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Mon, 21 Oct 2024 11:04:25 GMT
expires
Mon, 21 Oct 2024 11:04:25 GMT
referrer-policy
same-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
ue-backend
wsgi-register
ue-node
uwsgi-register2
vary
Cookie, Accept-Language, origin
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d60c441ba89190b-FRA
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 11:04:24 GMT
location
https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
referrer-policy
same-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
ue-backend
tenants
ue-node
apinode89
vary
Cookie
x-content-type-options
nosniff
x-frame-options
DENY
/
app.user.com/jsi18n/
3 KB
1 KB
Script
General
Full URL
https://app.user.com/jsi18n/
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274eb19a971f6684fa55074c3183ec85694484713573f76fa4ad494cb33cd1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/

Response headers

server
cloudflare
cross-origin-opener-policy
same-origin
cf-cache-status
DYNAMIC
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-ray
8d60c445bf1c190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:25 GMT
ue-node
uwsgi-register10
content-type
text/javascript; charset="utf-8"
vary
Accept-Language, Cookie, origin
ue-backend
wsgi-register
content-language
en-us
x-frame-options
DENY
main.4d8eae492a1061675d58.css
register-static.user.com/static/bundles/
458 KB
97 KB
Stylesheet
General
Full URL
https://register-static.user.com/static/bundles/main.4d8eae492a1061675d58.css
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fa2d5fa4fc68cf78c64b8c5e389ca90b49ceae6ad1c59f9ea7b2c90d501c4f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"44d5c7275830412aae9fa9433a9fab45"
age
59074
cf-cache-status
HIT
cf-polished
origSize=472086
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:25 GMT
content-type
text/css
last-modified
Tue, 20 Aug 2024 05:08:41 GMT
vary
Accept-Encoding
x-amz-id-2
XA4vOmSPQPFbIijeSu7rICwgNKhhweXA7H9XJVrN1Icd+l1bL+hjH06721PCGy7O6BN9kBZvwjLo7B7gvMaKSFMesfL24yNNCfXwMr/SwG0=
cache-control
max-age=432000
x-amz-request-id
HF9P3ANEKRJZKTDZ
cf-ray
8d60c445df3e190b-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
widget.js
widget.user.com/
Redirect Chain
  • https://support.user.com/widget.js
  • https://widget.user.com/widget.js
161 KB
55 KB
Script
General
Full URL
https://widget.user.com/widget.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13800190aaa03d2d43773068204575b3128f7e45d7106143c3bfa778af6e5de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
HxmhKJ4UFomYGteWrL2FM0NgRwXKxnV7uQst7qZB9uzIl7tf+Vlxo0eAMt/REG88Wea4UEvxUzuc/yGM7mrHuA==
content-encoding
br
cf-cache-status
HIT
etag
W/"6da473bfb53e1f9a860b557c6549a4f8"
age
3916
x-amz-request-id
318TCEVXSQNY368J
cf-ray
8d60c4503a31190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:26 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 06:02:01 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256

Redirect headers

cache-control
max-age=3600
location
https://widget.user.com/widget.js
cf-cache-status
HIT
age
60000
cf-ray
8d60c44d6ea2d376-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 21 Oct 2024 11:04:26 GMT
vary
Accept-Encoding
server
cloudflare
register.75770bc30afbcef72105.css
register-static.user.com/static/bundles/
18 KB
4 KB
Stylesheet
General
Full URL
https://register-static.user.com/static/bundles/register.75770bc30afbcef72105.css
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fc9112509c8354739376e34ed6650cf57d5c1a0f4149e43ae2ddbdd45563dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"77368b675c9b61f2bf1f5fdf3e518045"
age
72162
cf-cache-status
HIT
cf-polished
origSize=18753
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:25 GMT
content-type
text/css
last-modified
Wed, 03 Jul 2024 05:48:27 GMT
vary
Accept-Encoding
x-amz-id-2
Y6LO4h65K4jjLu2gjy0n8VUTycFPFmm/VAP1oi2oghMAq61FaFSPdVR/L2Tx4G8dDxwPckdTmBKTdZ4+/7kIeHngvEjjIxim
cache-control
max-age=432000
x-amz-request-id
WGXJVPXVMA87NMJD
cf-ray
8d60c445df36190b-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
logo-black-normal.svg
register-static.user.com/static/img/usercom/
6 KB
2 KB
Image
General
Full URL
https://register-static.user.com/static/img/usercom/logo-black-normal.svg
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=432000
content-encoding
br
cf-cache-status
HIT
etag
W/"3338f831a349558bc7d70acf65ae8b44"
age
52889
x-amz-request-id
YJ9XAMZVMY9400D5
cf-ray
8d60c445df3b190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:25 GMT
content-type
image/svg+xml
last-modified
Tue, 01 Feb 2022 07:35:57 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
BJiIlG7n9zppIssYDeksUmeJP/4n855rOMVma0u5nx5MStWyXm35wVCNFgUYKvjpqSkxOw/8Kb52Yo46pBYj7Puo7VPxkqwy
api.js
www.google.com/recaptcha/
1 KB
993 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
144fcc4d91f99cc832c83db91837200cfcaae94270ad7885e8bd91b52cd1a79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 11:04:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 21 Oct 2024 11:04:26 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
gogle-register%402x.png
register-static.user.com/static/img/brands/google/
508 B
908 B
Image
General
Full URL
https://register-static.user.com/static/img/brands/google/gogle-register%402x.png
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57b6466c0c6d8912655fe336614e3df0865c0d9fce6fe598bc5edf9a4868a4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:100,h2pri
etag
"b6f49555c27bc50bde81836f4feb1155"
age
85753
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7446
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:26 GMT
content-type
image/webp
content-disposition
inline; filename="gogle-register%402x.webp"
vary
Accept
last-modified
Tue, 01 Feb 2022 07:35:57 GMT
x-amz-id-2
FE8TTrKOqvqOCF3Eq1DSZcrMMhTNnIAyBGt8AFONV+bn9gdY2IQQnhsZ02XXXBiH6Xt/w7Bx+Ub0bjfIA6fLKy8Gq1jSuEpP
cache-control
max-age=432000
x-amz-request-id
TR9DFCEB9KBQG6FB
cf-ray
8d60c44daf5c190b-FRA
accept-ranges
bytes
content-length
508
server
cloudflare
msft-register%402x.png
register-static.user.com/static/img/brands/microsoft/
212 B
616 B
Image
General
Full URL
https://register-static.user.com/static/img/brands/microsoft/msft-register%402x.png
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b859cf506d1449e8552a3ed5943718d17cd83c1945432b6603c70c5951a5195b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:100,h2pri
etag
"894ba14c9d92e3b13501ecad14974b14"
age
22695
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=548
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:26 GMT
content-type
image/webp
content-disposition
inline; filename="msft-register%402x.webp"
vary
Accept
last-modified
Wed, 14 Feb 2024 07:10:12 GMT
x-amz-id-2
/PbHCJAgohBPiBgtlHC+lwH7HIo9IewhPu4jHv+00yZgPm0dkJxefsHRkwtA7Rf5bz/t14rRCmE=
cache-control
max-age=432000
x-amz-request-id
SCG00R7SC10JPD3M
cf-ray
8d60c44fd9b7190b-FRA
accept-ranges
bytes
content-length
212
server
cloudflare
x-amz-server-side-encryption
AES256
main.efb65e2e8c1f36f4d75f.js
register-static.user.com/static/bundles/
424 KB
145 KB
Script
General
Full URL
https://register-static.user.com/static/bundles/main.efb65e2e8c1f36f4d75f.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d4477095c44030bfbfa4ee9b6beedffad810050af9fe9731e80b89cf58dfe7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"b24e2d35299810a6ccfc61075407ba64"
age
52891
cf-cache-status
HIT
cf-polished
origSize=434606
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:26 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 06:18:21 GMT
vary
Accept-Encoding
x-amz-id-2
wYyZBU1AoRMJVw+Qvsui8eJ/VnqE+4qeHr02uBZTfNMtpMVpWPLVdU7PI5GD09tAAbgDxOtRDvg=
cache-control
max-age=432000
x-amz-request-id
9XCCYB9FDFFDXDVN
cf-ray
8d60c44fd9ba190b-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
register.d5a01182fbdbc26791f9.js
register-static.user.com/static/bundles/
1 MB
378 KB
Script
General
Full URL
https://register-static.user.com/static/bundles/register.d5a01182fbdbc26791f9.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4203d66d40dd89b0b0a00f924d5baf0173b1bed412edcefe8f4bb8bdeaf6dcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"3cc8dadba494b1d3193e62ddc177ea49"
age
52891
cf-cache-status
HIT
cf-polished
origSize=1273890
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:26 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 06:18:21 GMT
vary
Accept-Encoding
x-amz-id-2
tcFoXU5AxQ0v3LYvUUwifPuCrTajAmpvKq0J+lz+xD0Xy1LnEhTLA3mrP+LEg9uGa+WWzOULKhc=
cache-control
max-age=432000
x-amz-request-id
YJ9T4FN2MJB42DBW
cf-ray
8d60c4501a19190b-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.user.com
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d60c453abdbdcb4-FRA
access-control-allow-origin
*
date
Mon, 21 Oct 2024 11:04:27 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
417 KB
118 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d9e22d4aa1b74fd4b9786a37395c99becbb1b56f6cba0ccc4facea91264359e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 21 Oct 2024 11:04:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
119972
x-xss-protection
0
server
Google Tag Manager
recaptcha__de.js
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/
547 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c786995bf890f9ed1a8b1f75ac9db975905b2bad0c88421ebbbc56cf62ea2327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.user.com
Referer

Response headers

content-encoding
gzip
age
261929
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 10:18:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 10:18:58 GMT
last-modified
Mon, 07 Oct 2024 04:02:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222727
x-xss-protection
0
server
sffe
DMSans-Medium.woff2
register-static.user.com/static/bundles/fonts/
29 KB
30 KB
Font
General
Full URL
https://register-static.user.com/static/bundles/fonts/DMSans-Medium.woff2
Requested by
Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.4d8eae492a1061675d58.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.user.com
Referer
https://register-static.user.com/static/bundles/main.4d8eae492a1061675d58.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"d940ea16273447cce854f545842768fe"
age
85755
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:28 GMT
content-type
application/octet-stream
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 03 Jul 2024 05:48:28 GMT
x-amz-id-2
LPwJlOBD6wBA+2gPn670mwQx8Kat3t7EAwAWMO+zMQN6Ov/lEWjxZGeaDqfayNnlLzbkAj/mygu+wwuTYLQkgr92IX7YMM8TDgp+ML2lOvc=
cache-control
max-age=432000
x-amz-request-id
9XC1YGTN63Q7P745
cf-ray
8d60c45c19fdd2ee-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29880
server
cloudflare
x-amz-server-side-encryption
AES256
DMSans-Regular.woff2
register-static.user.com/static/bundles/fonts/
29 KB
30 KB
Font
General
Full URL
https://register-static.user.com/static/bundles/fonts/DMSans-Regular.woff2
Requested by
Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.4d8eae492a1061675d58.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.user.com
Referer
https://register-static.user.com/static/bundles/main.4d8eae492a1061675d58.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"7795a419ed60bbfac7070ea410eeae6a"
age
85755
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:28 GMT
content-type
application/octet-stream
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 03 Jul 2024 05:48:28 GMT
x-amz-id-2
vv2PV2TVjf9NlSu/mH2Jj4HUjuS8gmuTnEDS+QOOLZ9XBqp5zpUsfeVVeMLKDwp3PrHEEO5F5s1QZuyfOda7rg==
cache-control
max-age=432000
x-amz-request-id
AH5ZDRCJK7J3FZRS
cf-ray
8d60c45c19f9d2ee-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29948
server
cloudflare
x-amz-server-side-encryption
AES256
fa-solid-900.woff2
register-static.user.com/static/bundles/fonts/
63 KB
63 KB
Font
General
Full URL
https://register-static.user.com/static/bundles/fonts/fa-solid-900.woff2
Requested by
Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.4d8eae492a1061675d58.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.user.com
Referer
https://register-static.user.com/static/bundles/main.4d8eae492a1061675d58.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"c4fc4e6d5fcf0af616e6cd6f884b72e9"
age
85755
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:28 GMT
content-type
application/octet-stream
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 03 Jul 2024 05:48:29 GMT
x-amz-id-2
KtFi7FoHj3L60AHGnOYFyriWw60p9kAcjB3upUHZHCxr4AgDZr9yyQNRGnuU/f5UTfRBF7qfCiKo683dWAa0PLNKdFcDbtOWKc6yLqN0eq8=
cache-control
max-age=432000
x-amz-request-id
T9TFJMA5DJWWE46Y
cf-ray
8d60c45c19f1d2ee-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
64428
server
cloudflare
x-amz-server-side-encryption
AES256
widget-app.5e5ff458a86270faf350.js
widget.user.com/
93 KB
18 KB
Script
General
Full URL
https://widget.user.com/widget-app.5e5ff458a86270faf350.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
701cf6556b5cf1013c8e3d3d04dd77f07e7025a6d6189abdde726a8f6a849496

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
l3wSphWSmz5wd4peLEW3NIQVL+Gv/nAGCB5eKBZzTrcK9nk4lGyl3rZ/mChEeb48kBeECafFoOwdpen13/LkAQ==
content-encoding
br
cf-cache-status
HIT
etag
W/"ecfe6dd7a751ff91082c37fea991a6a7"
age
2899
x-amz-request-id
G4JP0RJBD236MTWT
cf-ray
8d60c45679bb190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:27 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 06:02:01 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
anchor
www.google.com/recaptcha/api2/ Frame 837B
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=sg3rsjnrf5c2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BzJk-pGGa7h_kHJWgW4mXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BzJk-pGGa7h_kHJWgW4mXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 11:04:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame DB3A
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=aR-zv8WjtWx4lAw-tRCA-zca&size=normal&cb=s2ncgcobw5f6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U02ANwP7P0eLb9PEc5dLLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-U02ANwP7P0eLb9PEc5dLLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 11:04:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
308 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b60832808db0c122e91d09dfc34d0bb11f676e25c0794737d40e9b127ea8e80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 21 Oct 2024 11:04:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106531
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
300 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
723ac511990aab2341b34f6ecbffeac939d22479509b2667548ed0c37d1ed6ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 21 Oct 2024 11:04:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103903
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
5895
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 11:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 09:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
array.js
app-analytics.user.com/static/
117 KB
117 KB
Script
General
Full URL
https://app-analytics.user.com/static/array.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.202.13.49.clients.your-server.de
Software
Caddy, Unit/1.31.1 /
Resource Hash
5080d7532ac9818b775f9b964c4f94fda41ad4366fc98e59d6e86cb3a23d6a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-frame-options
SAMEORIGIN
cache-control
max-age=60, public
etag
"65b0c1fc-1d321"
referrer-policy
same-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
content-length
119585
date
Mon, 21 Oct 2024 11:04:30 GMT
content-type
text/javascript; charset="utf-8"
last-modified
Wed, 24 Jan 2024 07:53:32 GMT
server
Caddy, Unit/1.31.1
vary
Cookie
sw_iframe.html
www.googletagmanager.com/static/service_worker/4a90/ Frame 0617
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4a90/sw_iframe.html?origin=https%3A%2F%2Fapp.user.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 11:04:29 GMT
expires
Tue, 21 Oct 2025 11:04:29 GMT
last-modified
Wed, 09 Oct 2024 09:08:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
widget-actionsStore.5e5ff458a86270faf350.js
widget.user.com/
6 KB
2 KB
Script
General
Full URL
https://widget.user.com/widget-actionsStore.5e5ff458a86270faf350.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a4b0ca81d93c59f837aebac1ac2b4dd80bd0a9aeda55456cbe033b13fa8929

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
HdJRSjWBqFGnTX9xH0197QU6wLxadPlAuA/7fPDjyaaQf68pQ9i3XrrllldgvYJfXgHfzJSCGZQ=
content-encoding
br
cf-cache-status
HIT
etag
W/"62c80712b4ad4fd331d6d6ba0f0e727d"
age
5937
x-amz-request-id
6810X5NE5M8RV75X
cf-ray
8d60c45abf2b190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:28 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 06:02:01 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
/
support.user.com/api/v2/user-chatping/
5 KB
2 KB
Fetch
General
Full URL
https://support.user.com/api/v2/user-chatping/
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207582f5dc08e6448d7c7f5d768cbb411b068fe2523aacd158f77bec6fcf79cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:29 GMT
ue-node
apinode74
content-type
application/json
vary
Cookie, origin
ue-backend
tenants
x-frame-options
DENY
access-control-allow-credentials
true
referrer-policy
same-origin
allow
POST, OPTIONS
cf-ray
8d60c45e29c9d376-FRA
access-control-allow-origin
https://app.user.com
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2065MFPQH5&gtm=45je4ah0v876245972z876971330za200zb76971330&_p=1729508666826&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=360633273.1729508669&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729508668&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fyope-cosmetics.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5137
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.user.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:30 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P39TDMK54G&gtm=45je4ah0v883336927z876971330za200zb76971330&_p=1729508666826&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&cid=360633273.1729508669&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729508669&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fyope-cosmetics.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&_fv=1&_ss=1&tfd=5263
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.user.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:30 GMT
content-type
text/plain
server
Golfe2
/
support.user.com/api/v2/user-chatping/ Frame
0
0
Preflight
General
Full URL
https://support.user.com/api/v2/user-chatping/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.user.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://app.user.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d60c45d78c59b74-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 11:04:29 GMT
server
cloudflare
ue-backend
tenants
ue-node
apinode40
vary
origin
widget-chatStore.5e5ff458a86270faf350.js
widget.user.com/
13 KB
4 KB
Script
General
Full URL
https://widget.user.com/widget-chatStore.5e5ff458a86270faf350.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e088d8801d7a58408d0ea6dc7bc46e29f1ae71da69b615872eccc41606a1543

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
U5zu/IFGC7BRHhydua540Vd5m7FryjXgx0YI8HobMYU0vbir0eHE2n9Y9Vtt8EuS3aqzfe17NtTdhaf+PDbJwg==
content-encoding
br
cf-cache-status
HIT
etag
W/"18b7fb91ea2080dcc10f029083493cf4"
age
558
x-amz-request-id
WXP023HB5H6H46GK
cf-ray
8d60c4620f56190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:29 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 06:02:01 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
widget-launcherModule.5e5ff458a86270faf350.js
widget.user.com/
13 KB
5 KB
Script
General
Full URL
https://widget.user.com/widget-launcherModule.5e5ff458a86270faf350.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad15dca828a163bda9824801bc6769d4ee741f5ac17d59e59835dce4d728d1d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
Kby3XkpAELz/yz/CQ2ri8uD1f1k87M+xb8KgELv/9EwlN4FTRx+E/LvHLIyyUweOjRLeMKShz3OyPvQk1aDFMg==
content-encoding
br
cf-cache-status
HIT
etag
W/"675df12a1f78bf2b152f1ebddbe954eb"
age
4157
x-amz-request-id
E26E91E28JJKHADG
cf-ray
8d60c4620f5b190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:29 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 06:02:01 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
unnamed_oYzkEAb.jpg
media.user.com/avatars/ Frame 7BEE
3 KB
3 KB
Image
General
Full URL
https://media.user.com/avatars/unnamed_oYzkEAb.jpg
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f303d1dff6d91a05a0ed63a2e51ca9c84b3517d8cdc6e558e85f53b587117ae0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:100,h2pri
etag
"84acc6ad6f56be53dee89eafc4c6ddb3"
x-amz-version-id
hfs7V4Kbc36rTsv8lpTzh33IFf9ftZEu
cf-cache-status
HIT
age
52892
cf-polished
origSize=3189
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:30 GMT
content-type
image/jpeg
last-modified
Fri, 17 Nov 2023 15:35:09 GMT
vary
Accept-Encoding
x-amz-id-2
QQLRfen26e3K3Z5VLIVvD21/TQb4nemaqR7PUC8cltg8Jfje6rgSnLt/cvpw9/UCdRp5tsqS+dfS2cGqKV3OMw==
x-amz-replication-status
COMPLETED
cache-control
max-age=86400
x-amz-request-id
KS3GE6E91TNFQ5E0
cf-ray
8d60c4667c56190b-FRA
accept-ranges
bytes
content-length
3009
server
cloudflare
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/
15 B
432 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=657429027&t=pageview&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fyope-cosmetics.user.com%2F&ul=de-de&de=UTF-8&dt=User.com%20%7C%20Login%20-%20User.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=936007321&gjid=1288364216&cid=360633273.1729508669&tid=UA-100960632-1&_gid=1385233766.1729508671&_r=1&_slc=1&gtm=45He4ah0n815SBSNG9v76971330za200&cd12=&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823848~101836705&cd3=360633273.1729508669&npa=1&z=1373180130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
372eb37a96c06d92d7b293623f3fdb3c0eb477d183865cd71433dbe8f00431a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:30 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://app.user.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/
313 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afaefdb02676339aa044ef793fd7bbca89f662b7d496aac6c0a559cb1cd84604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 21 Oct 2024 11:04:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104329
x-xss-protection
0
server
Google Tag Manager
ff4d00-0-0.png
media.user.com/old-media/uploads/6238/
Redirect Chain
  • https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png
  • https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
70 B
445 B
Image
General
Full URL
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:100,h2pri
etag
"9591c410148e6883727c5339fd1c02cd"
x-amz-version-id
null
cf-cache-status
HIT
age
3722
cf-polished
origFmt=png, origSize=95
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:33 GMT
content-type
image/webp
content-disposition
inline; filename="ff4d00-0-0.webp"
vary
Accept
last-modified
Fri, 03 Dec 2021 10:43:20 GMT
x-amz-id-2
FgVNxvJbGphileSt08TW5fbucyTTPesccgCTQ2bQaTJf+UOnwfNbB1wByM1JjSwL2H7dMfg7v58=
x-amz-request-id
77XQV87XB5AXAY29
cf-ray
8d60c477dff9190b-FRA
accept-ranges
bytes
content-length
70
server
cloudflare

Redirect headers

location
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
content-length
0
/
app-analytics.user.com/e/
13 B
212 B
XHR
General
Full URL
https://app-analytics.user.com/e/?ip=1&_=1729508673789&ver=1.101.0
Requested by
Host: app-analytics.user.com
URL: https://app-analytics.user.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.202.13.49.clients.your-server.de
Software
Caddy, Unit/1.31.1 /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

access-control-allow-credentials
true
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://app.user.com
alt-svc
h3=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:33 GMT
content-type
application/json
server
Caddy, Unit/1.31.1
access-control-allow-headers
X-Requested-With,Content-Type
/
app-analytics.user.com/decide/
374 B
413 B
XHR
General
Full URL
https://app-analytics.user.com/decide/?v=3&ip=1&_=1729508673791&ver=1.101.0
Requested by
Host: app-analytics.user.com
URL: https://app-analytics.user.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.202.13.49.clients.your-server.de
Software
Caddy, Unit/1.31.1 /
Resource Hash
b7b52d0d52c69620247edc1f169666223d3c872dcc15c3acb87012f8606cc6cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

access-control-allow-credentials
true
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://app.user.com
alt-svc
h3=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:33 GMT
content-type
application/json
server
Caddy, Unit/1.31.1
access-control-allow-headers
X-Requested-With,Content-Type
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-X19GWGFGFC&gtm=45je4ah0v9165106096za200&_p=1729508666826&_gaz=1&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&ul=de-de&sr=1600x1200&cid=360633273.1729508669&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fyope-cosmetics.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&sid=1729508673&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_3=360633273.1729508669&tfd=10244
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.user.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:34 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
552 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X19GWGFGFC&cid=360633273.1729508669&gtm=45je4ah0v9165106096za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.user.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:34 GMT
content-type
text/plain
server
Golfe2
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-X19GWGFGFC&v=3&t=t&pid=839753042&cv=2&rv=4ah0&tc=26&tag_exp=101686685&es=1&e=gtm.init_consent&eid=-1&z=0
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 21 Oct 2024 11:04:34 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-X19GWGFGFC&v=3&t=t&pid=839753042&cv=2&rv=4ah0&tc=26&tag_exp=101686685&es=1&e=gtm.init&eid=0&tr=1ogtgasend.1ogtipmark.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtipmark.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 21 Oct 2024 11:04:34 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-X19GWGFGFC&v=3&t=t&pid=839753042&cv=2&rv=4ah0&tc=26&tag_exp=101686685&es=1&e=gtag.config&eid=1&tr=1gct&ti=1gct&z=0
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 21 Oct 2024 11:04:34 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-X19GWGFGFC&v=3&t=t&pid=839753042&cv=2&rv=4ah0&tc=26&tag_exp=101686685&es=1&e=gtm.dom&eid=63&z=0
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 21 Oct 2024 11:04:34 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-X19GWGFGFC&v=3&t=t&pid=839753042&cv=2&rv=4ah0&tc=26&tag_exp=101686685&es=1&e=*&eid=69&u=AAAAAAAI&z=0
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 21 Oct 2024 11:04:34 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X19GWGFGFC&cid=360633273.1729508669&gtm=45je4ah0v9165106096za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101686685&tag_exp=101686685&z=1523386585
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 21 Oct 2024 11:04:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2065MFPQH5&gtm=45je4ah0v876245972za200zb76971330&_p=1729508666826&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=360633273.1729508669&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729508668&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fyope-cosmetics.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=scroll&epn.percent_scrolled=90&_et=9&tfd=10249
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.user.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:34 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P39TDMK54G&gtm=45je4ah0v883336927za200zb76971330&_p=1729508666826&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&cid=360633273.1729508669&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729508669&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fyope-cosmetics.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=scroll&epn.percent_scrolled=90&_et=39&tfd=10328
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.user.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 11:04:34 GMT
content-type
text/plain
server
Golfe2
rum
app.user.com/cdn-cgi/
0
139 B
XHR
General
Full URL
https://app.user.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d60c47eefb6190b-FRA
access-control-allow-origin
https://app.user.com
date
Mon, 21 Oct 2024 11:04:34 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
register-static.user.com/static/img/favicon/
1 KB
713 B
Other
General
Full URL
https://register-static.user.com/static/img/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0361a928acd5b35b5cffb34286ff6d71c132fdc0d4b33c22d94419bd8f7cb786

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=432000
content-encoding
br
cf-cache-status
HIT
etag
W/"4838288cccb7029ebc9d4bb058ca28d4"
age
34442
x-amz-request-id
6A9BF3FRZ84RF5V6
cf-ray
8d60c47f5822190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:34 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 01 Feb 2022 07:35:59 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
cC75aoqRHw+APfG6NI0YtRRBEfaOBfZu/xEmw5cmiO8aQkdEfyXT0vhRxkh7YTxzsBk077eJG/9ef3UJSH+gsv67jm6nOZA7811mnxfVJgg=
favicon-32x32.png
register-static.user.com/static/img/favicon/
562 B
949 B
Other
General
Full URL
https://register-static.user.com/static/img/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53bcf7741fb5ff7ead61449060f8ebb72026151f24fb1d09bad8604ea1e3536a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:100,h2pri
etag
"dd99f0c31c031eedf31330af98748542"
age
85760
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1680
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:34 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-32x32.webp"
vary
Accept
last-modified
Tue, 01 Feb 2022 07:36:00 GMT
x-amz-id-2
V34q3aA235aowz+TVxS5jEJee6tW+UXHukY97YcTMRsgB39IfXv1CRnwoU3+6NVKm46whFTIDifr+JnpyTlu8A==
cache-control
max-age=432000
x-amz-request-id
7N5N7Z4G5VB7R1DH
cf-ray
8d60c4817a2d190b-FRA
accept-ranges
bytes
content-length
562
server
cloudflare
/
support.user.com/api/v2/conversations/
0
0

widget-280.5e5ff458a86270faf350.js
widget.user.com/
21 KB
10 KB
Script
General
Full URL
https://widget.user.com/widget-280.5e5ff458a86270faf350.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d6ce66acb30ae3ea4436f12b6447aae4b4e12d95cfc3fbfba666421316b2ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
DoAkOsO9YYxtzFPCQV2QgpukyTEvRl0op8KtAVZLUAUYPMO+tdfxU7TmlQ4oBvrR18xwlqgNXHg=
content-encoding
br
cf-cache-status
HIT
etag
W/"d932fc7272d5637398b8246589305111"
age
640
x-amz-request-id
GTAYJPZRJT0CVYSA
cf-ray
8d60c4bccdec190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:44 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 06:02:01 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
widget-chatModule.5e5ff458a86270faf350.js
widget.user.com/
89 KB
21 KB
Script
General
Full URL
https://widget.user.com/widget-chatModule.5e5ff458a86270faf350.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52547754d4b6140ab042a720b3a3ed12e4c499b7cf45b2aa27827aedb9826ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
985XZmpZMpzPe1nuWmywgD0GSvLxkCDA6830xcxzyzyjpiKRtVBRMRiPtRx8rLGr8sAps7Tud8axXdFzyhCTXA==
content-encoding
br
cf-cache-status
HIT
etag
W/"946c83ec2d3d372951632511ad15023e"
age
5548
x-amz-request-id
SE1MRM02Q0N0W8WJ
cf-ray
8d60c4bccded190b-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:44 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 06:02:01 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
1.ogg
eu.user.com/static/sounds/
0
0

/
support.user.com/api/v2/conversations/ Frame
0
0
Preflight
General
Full URL
https://support.user.com/api/v2/conversations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
clientuser-key
Access-Control-Request-Method
GET
Origin
https://app.user.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://app.user.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d60c4bcccc4903c-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 11:04:44 GMT
server
cloudflare
ue-backend
tenants
ue-node
apinode58
vary
origin
eGWZ1xgLoiaO0k8VknVIUdsWjhMPiXW2.png
media.user.com/avatars/ Frame 5B5E
5 KB
5 KB
Image
General
Full URL
https://media.user.com/avatars/eGWZ1xgLoiaO0k8VknVIUdsWjhMPiXW2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:100,h2pri
etag
"36d62a01e3e434184a5888b66629a651"
x-amz-version-id
null
cf-cache-status
HIT
age
544
cf-polished
origFmt=png, origSize=10414
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 11:04:44 GMT
content-type
image/webp
content-disposition
inline; filename="eGWZ1xgLoiaO0k8VknVIUdsWjhMPiXW2.webp"
vary
Accept
last-modified
Wed, 17 Nov 2021 02:50:34 GMT
x-amz-id-2
Om8hdGHh6lvQyL550GoWc14nyct2N3ZINHyEPbCS76c7v8fgeCJ3uas0/DvMR+19tmnVqZ6/QAiHBz2UPkdFzg==
x-amz-request-id
CBQB1SF4YFA2P1EM
cf-ray
8d60c4bd6e7c190b-FRA
accept-ranges
bytes
content-length
5070
server
cloudflare
giphy-34af2d5a1684.gif
eu.user.com/media/uploads/1t1nnm-user-com-support/ Frame 5B5E
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
support.user.com
URL
https://support.user.com/api/v2/conversations/
Domain
eu.user.com
URL
https://eu.user.com/static/sounds/1.ogg
Domain
eu.user.com
URL
https://eu.user.com/media/uploads/1t1nnm-user-com-support/giphy-34af2d5a1684.gif

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer object| django function| pluralidx function| gettext function| ngettext function| gettext_noop function| pgettext function| npgettext function| interpolate function| get_format object| civchat object| webpackChunkusercom_widget object| regeneratorRuntime function| parcelRequire object| UE function| userengage object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| element function| recaptchaFormSubmit number| uidEvent object| ue object| __cfBeacon object| google_tag_manager object| google_tag_data object| recaptcha object| closure_lm_390326 string| GoogleAnalyticsObject function| ga object| posthog object| UsercomInstance function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

11 Cookies

Domain/Path Name / Value
app.user.com/ Name: csrftoken
Value: 5PEwYukFjrEICN8PRPtyyUL4QLV8XA3z
app.user.com/ Name: sessionid
Value: u7jllyh4uxo52cxv9qscqy40ufjvjnen
.user.com/ Name: _gcl_au
Value: 1.1.1599451403.1729508668
.user.com/ Name: _ga_2065MFPQH5
Value: GS1.1.1729508668.1.0.1729508668.0.0.0
.user.com/ Name: _ga_P39TDMK54G
Value: GS1.1.1729508669.1.0.1729508669.0.0.0
.user.com/ Name: _ueuuid
Value: IaSGbNQQ41bi5tgn
.user.com/ Name: __ca__chat
Value: t1f4ovamnfpd
.user.com/ Name: _ga
Value: GA1.2.360633273.1729508669
.user.com/ Name: _gid
Value: GA1.2.1385233766.1729508671
.user.com/ Name: _gat_UA-100960632-1
Value: 1
.user.com/ Name: _ga_X19GWGFGFC
Value: GS1.2.1729508673.1.0.1729508673.60.0.0

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://app.user.com/accounts/login/?next=https%3A//yope-cosmetics.user.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
