www.bezahlen.net Open in urlscan Pro
2a00:1158:1000:406::3da Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bezahlen.net/ratgeber/bestellen-bei-shein/
Effective URL:
https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Submission: On January 05 via api (January 5th 2023, 2:03:14 am UTC) from JP — Scanned from FR

Summary HTTP 121 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 24 domains to perform 121 HTTP transactions. The main IP is 2a00:1158:1000:406::3da, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is www.bezahlen.net.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 1st 2022. Valid for: a year.

This is the only time www.bezahlen.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 36	2a00:1158:100... 2a00:1158:1000:406::3da	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
4	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
4	141.0.23.218 141.0.23.218	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1 1	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 12	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:2ff3:9a7b:16d6:ab3d	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
121	23

36 2a00:1158:1000:406::3da (Strasbourg, France) 6 redirects

ASN8972 (GD-EMEA-DC-SXB1, DE)

bezahlen.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bezahlen.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.0.23.218 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: m17s3-2-12da.ispgateway.de

www.bezahlen.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2003 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.208.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:2ff3:9a7b:16d6:ab3d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	bezahlen.net 6 redirects bezahlen.net www.bezahlen.net	1 MB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	266 KB
21	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	86 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com	273 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 330	120 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	4 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	1 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 2379	582 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 871	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1147 r.turn.com — Cisco Umbrella Rank: 4328	869 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 497	959 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690	2 KB
2	de17a.com d5p.de17a.com — Cisco Umbrella Rank: 6509	250 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 3008	185 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	95 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723	714 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 918	540 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 35086	609 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	715 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1004	463 B
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 17421	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	696 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1204	71 KB
1	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 3658	320 B
121	24

	Domain	Requested by
38	www.bezahlen.net	4 redirects www.bezahlen.net
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net www.bezahlen.net
12	pagead2.googlesyndication.com	www.bezahlen.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
5	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	www.bezahlen.net googleads.g.doubleclick.net
3	www.gstatic.com	www.bezahlen.net googleads.g.doubleclick.net
2	rtb.openx.net	2 redirects
2	c1.adform.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	d5p.de17a.com	googleads.g.doubleclick.net
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	bezahlen.net	2 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	maxcdn.bootstrapcdn.com	www.bezahlen.net
1	www.google.de	1 redirects
121	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
de.shein.com
policies.google.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.bezahlen.net Starfield Secure Certificate Authority - G2	`2022-02-01` - `2023-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Frame ID: 087FC8F4A4EFB8939CB1770CD5B9D930
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: EBA2019F091F26210C8E9C03A24C75BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&adk=1812271804&adf=3025194257&lmt=1672884008&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189428&bpp=8&bdt=674&idt=364&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7314006647700&frm=20&pv=2&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=386
Frame ID: C6BE96AFFBD8258DA0C9979645657EBB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=1990123085&adk=1259079614&adf=991104028&pi=t.ma~as.1990123085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189436&bpp=3&bdt=682&idt=414&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKjUEasejo&p=https%3A//www.bezahlen.net&dtd=422
Frame ID: 8578BF175D22BB3EF45131576F94E566
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7780279330&adk=2969664610&adf=2267346395&pi=t.ma~as.7780279330&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189439&bpp=1&bdt=685&idt=484&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Fvp8mvHrAJ&p=https%3A//www.bezahlen.net&dtd=489
Frame ID: E226B42447369217ED15192E31E20106
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513
Frame ID: 63570DB7CC23A148FD80F727496D5877
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=1667486496&adk=89566618&adf=2844431369&pi=t.ma~as.1667486496&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189442&bpp=1&bdt=688&idt=517&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=3860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TnVmC7Jka6&p=https%3A//www.bezahlen.net&dtd=522
Frame ID: D96A62352015D927940BCA4B9DED311A
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 8C2F8D81E3FA661B51BB3495D1015F58
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA315ABD601D1FF0B4AED540B1491C46
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 05B4015BA691B1777BA3C28E467197FF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 170F271A4C1F2E1BC19C601704CEF0FD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D9EDEF6D98DEABADB8988AC54D91671D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D7EE984648D30914A75E9E4A0B070CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SheIn.com - Erfahrungen, Zahlungsmethoden & Zoll + Versand

Page URL History Show full URLs

http://bezahlen.net/ratgeber/bestellen-bei-shein/ HTTP 301
https://bezahlen.net/ratgeber/bestellen-bei-shein/ HTTP 301
https://www.bezahlen.net/ratgeber/bestellen-bei-shein/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

88 %
HTTPS

61 %
IPv6

24
Domains

33
Subdomains

23
IPs

7
Countries

2005 kB
Transfer

4259 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/messages/t/SheInside
Title: Klicken Sie hier

Search URL Search Domain Scan URL

URL: http://de.shein.com/bonus-point-program-a-371.html
Title: SheIn-Bonusprogramm

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://twitter.com/Bezahlen_net
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmMsUMPmv7NcPjBb9NryIMg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Bezahlennet-139595219966302/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=de
Title: https://policies.google.com/privacy?hl=de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bezahlen.net/ratgeber/bestellen-bei-shein/ HTTP 301
https://bezahlen.net/ratgeber/bestellen-bei-shein/ HTTP 301
https://www.bezahlen.net/ratgeber/bestellen-bei-shein/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_on.gif HTTP 302
https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_on.svg

Request Chain 6

https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_half.gif HTTP 302
https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_half.svg

Request Chain 7

https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_off.gif HTTP 302
https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_off.svg

Request Chain 10

https://www.google.de/coop/cse/brand?lang=de&ver=0.0 HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 36

https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif HTTP 302
https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_over.svg

Request Chain 83

https://um.simpli.fi/gp_match?google_gid=CAESEKKKRh1U76jcJRdyUh9EdH0&google_cver=1&google_push=AavPq0MuULwvSApnDavoG83as0e8MFdxF1_T7QZYvS0i88LIYdp44r5gHWKP6gzRgLdNbglncj6KdKJ_XZ22UMjBqZABRq5yVFSAqso HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AD4F8283A56E45CC81A3987B30D66AC9&google_push=AavPq0MuULwvSApnDavoG83as0e8MFdxF1_T7QZYvS0i88LIYdp44r5gHWKP6gzRgLdNbglncj6KdKJ_XZ22UMjBqZABRq5yVFSAqso

Request Chain 84

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECcIikonwoJf_EbZm3cSfFk&google_cver=1&google_push=AavPq0ONv-uAzLvc06HxmjCmXaZZ-9vYdO_Ae-TeiyTp6rFRL0yR9WvZfI0P0zbSai-fLanQhdPhrrff5lGxeUrz1kw84hY01F1RYiE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0ONv-uAzLvc06HxmjCmXaZZ-9vYdO_Ae-TeiyTp6rFRL0yR9WvZfI0P0zbSai-fLanQhdPhrrff5lGxeUrz1kw84hY01F1RYiE&google_hm=XwixW2y6R_aq56jxQRo84BI

Request Chain 87

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDRYKoETmUwINhYQ_I2lSsg&google_cver=1&google_push=AavPq0PJekuYR1uxyjSDdiXn65zIGo9zM-QdddZD2TaYy6g9kgplL5ymPbGQ6IAjnZNwKLNxwjLF5Y6NCX-D5XmkpBqogk3jL0TPWKI HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDRYKoETmUwINhYQ_I2lSsg&google_push=AavPq0PJekuYR1uxyjSDdiXn65zIGo9zM-QdddZD2TaYy6g9kgplL5ymPbGQ6IAjnZNwKLNxwjLF5Y6NCX-D5XmkpBqogk3jL0TPWKI&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDRYKoETmUwINhYQ_I2lSsg&google_hm=Y7Yv3wXDKYNekKOvuVZLbwAAFBoAAAIB&google_nid=index&google_push=AavPq0PJekuYR1uxyjSDdiXn65zIGo9zM-QdddZD2TaYy6g9kgplL5ymPbGQ6IAjnZNwKLNxwjLF5Y6NCX-D5XmkpBqogk3jL0TPWKI

Request Chain 88

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECuFIbbK-UwOR50u2ban8FY&google_cver=1&google_push=AavPq0PJoaxCYaYD_TSf_iyKLdVGSBUi6vw_I2MajiNeAmFlA7-G-CLVJCowxPZgXoMNFAucLloTRcDAoaVyZGNBg4zIguPPO8cnfYA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PJoaxCYaYD_TSf_iyKLdVGSBUi6vw_I2MajiNeAmFlA7-G-CLVJCowxPZgXoMNFAucLloTRcDAoaVyZGNBg4zIguPPO8cnfYA&google_gid=CAESECuFIbbK-UwOR50u2ban8FY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMzcxODIyNDUyMTQ2NTg4NTE2MA%3D%3D&google_push=AavPq0PJoaxCYaYD_TSf_iyKLdVGSBUi6vw_I2MajiNeAmFlA7-G-CLVJCowxPZgXoMNFAucLloTRcDAoaVyZGNBg4zIguPPO8cnfYA

Request Chain 107

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMHDgj53GD5FEGh_H1mT9wQ&google_cver=1&google_push=AavPq0MmCNHYd07q-eYXweidt3HO-mVbapzIJre9hTMLEusoSpY9KqXeuhrqGlhgNYoLL0YBDtqnlZVc6q4bzfvHCjr8pOlLM5kTZVj1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ0MTQyOTI2OTU0MTQ3NDc5NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMHDgj53GD5FEGh_H1mT9wQ&google_cver=1

Request Chain 108

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENA4FfAg30R4sRZOcykSNEk&google_cver=1&google_push=AavPq0OSKcGcKfPq94as7yKaRpQ3rTlWmYQ3YwblQ0YgX25qKarDRyo4Kk5vjMxuBcDCqXoFZGyG6RbEyDu9tVlCaEVgiAj0Jzm9ejR_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENA4FfAg30R4sRZOcykSNEk&google_push=AavPq0OSKcGcKfPq94as7yKaRpQ3rTlWmYQ3YwblQ0YgX25qKarDRyo4Kk5vjMxuBcDCqXoFZGyG6RbEyDu9tVlCaEVgiAj0Jzm9ejR_

Request Chain 109

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEjqHv_rOGrFJMzmR4DQ1Ns&google_cver=1&google_push=AavPq0Nd5cl_bTJgBegjPSjREU5JbhwJ0YlFKQNWFO43bx0OgtvgKvXUkVM82LYv-l8Jffs1QlDJjYHApI51S086tHJgkzR7zkAdWCTg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0Nd5cl_bTJgBegjPSjREU5JbhwJ0YlFKQNWFO43bx0OgtvgKvXUkVM82LYv-l8Jffs1QlDJjYHApI51S086tHJgkzR7zkAdWCTg&google_hm=hmO2L9_PumTD7miWTQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63B62FDFCFBA64C3EE68964DBLIS

Request Chain 110

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJnQWk91aVeQgZzGbwq-kWc&google_cver=1&google_push=AavPq0PNVcy8yWULFd_NNJgZCVNq6-vUIUVMCqOqPt46rjPq3h7jz2Xg_EVrxW_SmNCbdEffBsMGbhal6V5mx7nEdMRaRZtdUlt1fhbg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PNVcy8yWULFd_NNJgZCVNq6-vUIUVMCqOqPt46rjPq3h7jz2Xg_EVrxW_SmNCbdEffBsMGbhal6V5mx7nEdMRaRZtdUlt1fhbg&google_hm=eS1WSHZmS250RTJwRkVsUWxlZG13T1c2LjNFaWllbzB2cX5B

Request Chain 112

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK0F_MXfTU2cIuXkJ1bwKIA&google_cver=1&google_push=AavPq0NU4l0FHTcIPGL6wh2wyWv7HkJSbmqEjZEBwt4HQUx5ZaXMIds9eLWLutWJJ9_g8cf4Uo3ogeDQl3vIFHJS6IC1R4MRJd4pPsuv HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK0F_MXfTU2cIuXkJ1bwKIA&google_cver=1&google_push=AavPq0NU4l0FHTcIPGL6wh2wyWv7HkJSbmqEjZEBwt4HQUx5ZaXMIds9eLWLutWJJ9_g8cf4Uo3ogeDQl3vIFHJS6IC1R4MRJd4pPsuv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc2MTY3NTQxOTM5NTIzMTA1Mg&google_push=AavPq0NU4l0FHTcIPGL6wh2wyWv7HkJSbmqEjZEBwt4HQUx5ZaXMIds9eLWLutWJJ9_g8cf4Uo3ogeDQl3vIFHJS6IC1R4MRJd4pPsuv

Request Chain 113

https://rtb.openx.net/sync/dds?google_gid=CAESEGniH7eVxE98mti9Pp1NjjM&google_cver=1&google_push=AavPq0MNaBPPx2daXDXtSUi4Oj4cSOIjO6cFUBoaIkP-hKR1ftld0Jfr4w52bB2HeyRRumfJIe4xugBRZqKSMQcZRaJNPlcVsYhr9YE HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEGniH7eVxE98mti9Pp1NjjM&google_cver=1&google_push=AavPq0MNaBPPx2daXDXtSUi4Oj4cSOIjO6cFUBoaIkP-hKR1ftld0Jfr4w52bB2HeyRRumfJIe4xugBRZqKSMQcZRaJNPlcVsYhr9YE&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MNaBPPx2daXDXtSUi4Oj4cSOIjO6cFUBoaIkP-hKR1ftld0Jfr4w52bB2HeyRRumfJIe4xugBRZqKSMQcZRaJNPlcVsYhr9YE&google_hm=g35PK5ywyaAgTJAHwgjqQg==

121 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.bezahlen.net/ratgeber/bestellen-bei-shein/
Redirect Chain

http://bezahlen.net/ratgeber/bestellen-bei-shein/
https://bezahlen.net/ratgeber/bestellen-bei-shein/
https://www.bezahlen.net/ratgeber/bestellen-bei-shein/

383 KB
383 KB

129ms
34ms

Document
text/html

2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache / PHP/7.2.23
Resource Hash: 47c28f037e4ef8bde348674051fe6186b6a7cabeddc376fc70fb9a9dd9b47ed5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Jan 2023 02:03:08 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 05 Jan 2023 02:00:08 GMT
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.23

Redirect headers

Cache-Control: max-age=3600
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Jan 2023 02:03:08 GMT
Expires: Thu, 05 Jan 2023 03:03:08 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.23
X-Redirect-By: WordPress

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 174ms
64ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora%7CSource%20Sans%20Pro%3A200%2C300%2C400%2C600%2C700%7CAbel&display=swap

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f87adb35a81c0dd96ab93f8dce01805e2fe1bd31536ea74506805b3d211e3b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 02:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 02:03:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 02:03:08 GMT

GET
H/1.1 200
OK 05902bed9b45f567abaa5cb45707bb1c.css
www.bezahlen.net/wp-content/cache/min/1/ 363 KB
89 KB 87ms
34ms Stylesheet
text/css 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bezahlen.net/wp-content/cache/min/1/05902bed9b45f567abaa5cb45707bb1c.css
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: bb03e5bfea9e65b4024d93b0367854a57f15dabee1daa9783fad30c7b5f28bb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:03:06 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 04 Jul 2023 02:03:08 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.bezahlen.net/wp-includes/js/jquery/ 87 KB
31 KB 159ms
37ms Script
application/javascript 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bezahlen.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Sep 2021 09:26:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30908
Expires: Tue, 04 Jul 2023 02:03:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 221ms
107ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ac899cf584713afc1624e07bd48454a522e490bb44662848357a83eec44e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49993
x-xss-protection: 0
server: cafe
etag: 15396366216428200221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 02:03:09 GMT

GET
H/1.1 200
OK bez_logo_11.png
www.bezahlen.net/wp-content/uploads/ 5 KB
5 KB 29ms
27ms Image
image/png 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/bez_logo_11.png
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 897cb7fc75e606ca3a83a84b3777af6ff8f91eee1e9f49ddfbd0ad8aa33a9968

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:08 GMT
Last-Modified: Tue, 14 Mar 2017 10:18:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5157
Expires: Tue, 04 Jul 2023 02:03:08 GMT

GET
H/1.1

200
OK

rating_on.svg
www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/
Redirect Chain

https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_on.gif
https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_on.svg

576 B
760 B

28ms
28ms

Image
image/svg+xml

2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_on.svg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2a6f675e0cc9be4a0f99d3ab8ba5e8ce474f0a062bd2f1e24ca17db4fae66acb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Mar 2020 13:16:47 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 375
Expires: Tue, 04 Jul 2023 02:03:09 GMT

Redirect headers

Date: Thu, 05 Jan 2023 02:03:08 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_on.svg
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 278
Expires: Thu, 05 Jan 2023 02:03:08 GMT

GET
H/1.1

200
OK

rating_half.svg
www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/
Redirect Chain

https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_half.gif
https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_half.svg

746 B
817 B

28ms
28ms

Image
image/svg+xml

141.0.23.218
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_half.svg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Server: 141.0.23.218 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: m17s3-2-12da.ispgateway.de
Software: Apache /
Resource Hash: 1af970ea633ab1576cf585e8dc3502757035656477865b78883fff8543d73250

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Mar 2020 13:16:47 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 431
Expires: Tue, 04 Jul 2023 02:03:09 GMT

Redirect headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_half.svg
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 280
Expires: Thu, 05 Jan 2023 02:03:09 GMT

GET
H/1.1

200
OK

rating_off.svg
www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/
Redirect Chain

https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_off.gif
https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_off.svg

601 B
774 B

36ms
28ms

Image
image/svg+xml

2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_off.svg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2c20efb71eda6a9ed50cb1be67a2ccb9e6cfd124b5e35d5643d7d8dba1b356f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Mar 2020 13:16:47 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 389
Expires: Tue, 04 Jul 2023 02:03:09 GMT

Redirect headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_off.svg
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 279
Expires: Thu, 05 Jan 2023 02:03:09 GMT

GET
H/1.1 200
OK loading.gif
www.bezahlen.net/wp-content/plugins/wp-postratings/images/ 770 B
1 KB 83ms
27ms Image
image/gif 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/loading.gif
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Mon, 12 Oct 2020 10:29:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 770
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK cb-no-thumbnail.png
www.bezahlen.net/wp-content/plugins/borlabs-cookie/assets/images/ 2 KB
2 KB 76ms
27ms Image
image/png 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/plugins/borlabs-cookie/assets/images/cb-no-thumbnail.png
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4aa648d57636bd52477cb0133d1dafa2e979010c795470191cc9cd8c925230b6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Thu, 24 Feb 2022 09:33:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1896
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.de/coop/cse/brand?lang=de&ver=0.0
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

151ms
39ms

Script
text/javascript

2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/

Protocol

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 05 Jan 2023 05:43:05 GMT

Redirect headers

date: Thu, 05 Jan 2023 02:03:09 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Thu, 05 Jan 2023 02:33:09 GMT

GET
H/1.1 200
OK 17bc6727f81aa667a161da79f3d0c047.js Show response
www.bezahlen.net/wp-content/cache/min/1/ 916 KB
264 KB 42ms
42ms Script
application/javascript 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bezahlen.net/wp-content/cache/min/1/17bc6727f81aa667a161da79f3d0c047.js
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: ea81fa1c4c1ae3e408cba8a9475197e0edac0b15da5dc2ac25f5f91fbbfbd227

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:07:52 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 04 Jul 2023 02:03:08 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.2/fonts/ 70 KB
71 KB 82ms
27ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.2/fonts/fontawesome-webfont.woff2?v=4.6.2

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/wp-content/cache/min/1/05902bed9b45f567abaa5cb45707bb1c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bezahlen.net/
Origin: https://www.bezahlen.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1074
age: 794141
cdn-cachedat: 12/25/2022 15:20:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71760
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "a1a450ea331a3fc89e867ecad963b6b2"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a677cbd3ebca8ac4ea4060541c1c8512
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 7848a2c54c72d57c-CDG
cdn-requestpullsuccess: True

GET
H/1.1 200
OK shein-sheinside.jpg
www.bezahlen.net/wp-content/uploads/ 177 KB
177 KB 28ms
27ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/shein-sheinside.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5f0a0610e7fa0e2ee6d126bc34e0949903bffafd5f31337953ce11e31e999a99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Wed, 02 Aug 2017 12:10:36 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 181230
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 231cfbe93871f228c30313539a6a71638f94e7e8cb5fa427217fb65c7f6931b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK zollrechner-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 5 KB
6 KB 28ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/zollrechner-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: d31341c4a2f45fa0ef9a458648c638d4e3ab6849afcbf93444ffc5e70557bfb2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Thu, 25 Jan 2018 12:51:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5335
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK zoll-china-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 4 KB
4 KB 28ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/zoll-china-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: ca231b8534066f197595dd6f38c576d47fd9703e0957e0f01fa5c6ca3c173c1b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Fri, 02 Jun 2017 09:49:59 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4237
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK plagiate-china-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 6 KB
6 KB 28ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/plagiate-china-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: cf9461ed071730021509e98005c7568714e6ffe98ef520357e2d052d25b534f4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Sat, 03 Jun 2017 17:24:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 6063
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK zoll-china-1-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 6 KB
7 KB 28ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/zoll-china-1-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 6d8f733395b1d8aa3410f9f6a1cc0074d0c5ce56a35203909192a067bc6594dd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Thu, 13 Jul 2017 10:39:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6595
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK china-versand-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 9 KB
9 KB 28ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/china-versand-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: fac5e917a02e3a5df3536c729276f22b40347dbf45bdd0c3b1f8922f1f71e68c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Sat, 03 Jun 2017 18:23:06 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 8858
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK china-lieferzeiten-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 6 KB
7 KB 28ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/china-lieferzeiten-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: c40db5a5096fe29187b9654ad9a948f0d96edb3926168275b3a71e9cb38151e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Fri, 04 May 2018 12:11:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 6346
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK amazon-bestellen-unternehmen-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 8 KB
8 KB 28ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/amazon-bestellen-unternehmen-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: c8eaf570579573c5c9b39775bd643d1f2feb99a44706a561badf3f4edfdd665f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Tue, 13 Jun 2017 16:17:36 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 7879
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK bei-amazon-cn-in-china-bestellen-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 5 KB
5 KB 28ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/bei-amazon-cn-in-china-bestellen-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 6a106bdab4bd33f2d66d7b63b1b9fe31ad8085d1b90d913fdcd2d704e61ff57a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Tue, 14 Mar 2017 15:13:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4687
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK china-bezahlen-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 5 KB
5 KB 35ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/china-bezahlen-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: c14d9b2555507b5699f96450ac0528f0f14bd41246761ff7c14106267268c0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Fri, 07 Jul 2017 14:30:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 4994
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK china-technik-adapter-deutschland-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 8 KB
8 KB 40ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/china-technik-adapter-deutschland-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8eef739a33711eec931d396e6299adf7f6a728f49028d45b51070cd6a46c18d5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Tue, 06 Jun 2017 15:57:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8298
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK bezahlen-china-shop-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 5 KB
5 KB 29ms
28ms Image
image/jpeg 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/bezahlen-china-shop-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 72ab34eefebc21cb82fdc59d1909d9c66a787fa8bc24d667c39357023d072d05

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Sat, 03 Jun 2017 17:01:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4660
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK china-bestellen-150x150.jpg
www.bezahlen.net/wp-content/uploads/ 6 KB
6 KB 28ms
28ms Image
image/jpeg 141.0.23.218
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/china-bestellen-150x150.jpg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.0.23.218 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: m17s3-2-12da.ispgateway.de
Software: Apache /
Resource Hash: 48d970440e01b3772bd54181ba9ee9e607d21a4cf983e4da87056b8e49b6d178

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Tue, 06 Jun 2017 17:05:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6055
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v26/ 19 KB
19 KB 147ms
47ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%7CSource%20Sans%20Pro%3A200%2C300%2C400%2C600%2C700%7CAbel&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bezahlen.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:19:47 GMT
x-content-type-options: nosniff
age: 585802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19228
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 07:19:47 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 176ms
85ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%7CSource%20Sans%20Pro%3A200%2C300%2C400%2C600%2C700%7CAbel&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bezahlen.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:55:38 GMT
x-content-type-options: nosniff
age: 533251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 21:55:38 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 130ms
40ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%7CSource%20Sans%20Pro%3A200%2C300%2C400%2C600%2C700%7CAbel&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bezahlen.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 08:59:22 GMT
x-content-type-options: nosniff
age: 147827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 08:59:22 GMT

GET
H/1.1 200
OK shein-symbole-250x300.png
www.bezahlen.net/wp-content/uploads/ 25 KB
26 KB 36ms
28ms Image
image/png 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/shein-symbole-250x300.png
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 99bf178cafbeeb68e77cf937075d06cd2f5d542ebccd6891a4b8f5e2782ee196

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Wed, 02 Aug 2017 11:06:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 25927
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK shein-zahlung-300x66.png
www.bezahlen.net/wp-content/uploads/ 3 KB
3 KB 34ms
28ms Image
image/png 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/shein-zahlung-300x66.png
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: a7e1e9ff97c687c37763a0ad144b7fcfefff597b1efc2a4ab372b2070fdb56d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Wed, 02 Aug 2017 11:09:01 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 3058
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK shein-wahrung-300x205.png
www.bezahlen.net/wp-content/uploads/ 13 KB
14 KB 40ms
28ms Image
image/png 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/uploads/shein-wahrung-300x205.png
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0f31e5e932c571050bc9b8291cb15ad6708d65b5db22ee8e7806096868f1a552

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Wed, 02 Aug 2017 11:10:49 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 13660
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ 355 KB
117 KB 90ms
90ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2886617747125999&plah=www.bezahlen.net&bust=31071277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fa0781177fa226f77251daa88692491078a497b5c02cf683a24f8b3f929348d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119735
x-xss-protection: 0
server: cafe
etag: 4472336744082682958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 02:03:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame EBA2 10 KB
5 KB 440ms
39ms Document
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bezahlen.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 65710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 07:47:59 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 07:47:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.bezahlen.net/wp-includes/js/ 18 KB
5 KB 28ms
28ms Script
application/javascript 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bezahlen.net/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/wp-content/cache/min/1/17bc6727f81aa667a161da79f3d0c047.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Sep 2021 09:26:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4930
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1

200
OK

rating_over.svg
www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/
Redirect Chain

https://www.bezahlen.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_over.svg

2 KB
1 KB

27ms
27ms

Image
image/svg+xml

2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_over.svg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: b620a31e04a613f198fd3b2fdeba1bed4b6f0df2e546c27c7643898fbe716d37

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Mar 2020 13:16:47 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 880
Expires: Tue, 04 Jul 2023 02:03:09 GMT

Redirect headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bezahlen.net/wp-content/plugins/weber-custom-snippets/images/ratings/rating_over.svg
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 280
Expires: Thu, 05 Jan 2023 02:03:09 GMT

POST
H/1.1 200
OK ajax-handler.php Show response
www.bezahlen.net/wp-content/ 2 B
414 B 30ms
30ms XHR
text/html 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bezahlen.net/wp-content/ajax-handler.php

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/wp-content/cache/min/1/17bc6727f81aa667a161da79f3d0c047.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

Apache / PHP/7.2.23

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Accel-Expires: 0
Date: Thu, 05 Jan 2023 02:03:09 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.2.23
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0, smax-age=0
Connection: Keep-Alive
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=89
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK borlabs-cookie-logo.svg
www.bezahlen.net/wp-content/plugins/borlabs-cookie/assets/images/ 8 KB
2 KB 28ms
28ms Image
image/svg+xml 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-logo.svg
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2165e2c26c55abda30802c47b96c0299eed7de988ab2ef405b35036b4fbdeb6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 09:33:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1394
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK open.png
www.bezahlen.net/wp-content/plugins/tablepress-datatables-row-details/ 881 B
1 KB 27ms
27ms Image
image/png 141.0.23.218
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bezahlen.net/wp-content/plugins/tablepress-datatables-row-details/open.png
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/wp-content/cache/min/1/05902bed9b45f567abaa5cb45707bb1c.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.0.23.218 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: m17s3-2-12da.ispgateway.de
Software: Apache /
Resource Hash: 5d7e4c45cdad295c9a0523246e6b562e1e8a2d1986349681acd8973e51209c95

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/wp-content/cache/min/1/05902bed9b45f567abaa5cb45707bb1c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Last-Modified: Wed, 25 Mar 2020 13:14:10 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 881
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
DATA 200
OK truncated
/ 980 B
980 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dfd0cc0bc2c551f9779249efaac0a586b85fa33f11f5b3cbda5093a01ea3e42

Request headers

Referer
Origin: https://www.bezahlen.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

POST
H/1.1 200
OK ajax.php Show response
www.bezahlen.net/wp-content/plugins/post-views-counter/includes/ 0
425 B 38ms
38ms XHR
text/html 141.0.23.218
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bezahlen.net/wp-content/plugins/post-views-counter/includes/ajax.php

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.0.23.218 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

m17s3-2-12da.ispgateway.de

Software

Apache / PHP/7.2.23

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 02:03:09 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.2.23
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK style.css
www.bezahlen.net/wp-content/plugins/simple-lightbox/themes/baseline/css/ 3 KB
1 KB 27ms
27ms Stylesheet
text/css 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bezahlen.net/wp-content/plugins/simple-lightbox/themes/baseline/css/style.css
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 6ce40d9a8cffef73732d5e2fe59a7c591d5ff42a1dd0bf5c778e33f6cc2636cd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Mar 2020 13:30:17 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 761
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H/1.1 200
OK style.css
www.bezahlen.net/wp-content/plugins/simple-lightbox/themes/default/css/ 5 KB
1 KB 27ms
27ms Stylesheet
text/css 2a00:1158:1000:406::3da
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bezahlen.net/wp-content/plugins/simple-lightbox/themes/default/css/style.css
Requested by: Host: www.bezahlen.net
URL: https://www.bezahlen.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1158:1000:406::3da Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: Apache /
Resource Hash: 48446357cf9c75846a7c3053f653f7973a1e5291b0a349e89c435f9e6d939bc3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 02:03:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Mar 2020 13:30:17 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=15552000, public
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 1023
Expires: Tue, 04 Jul 2023 02:03:09 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
696 B 159ms
61ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bezahlen.net&callback=_gfp_s_&client=ca-pub-2886617747125999&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2886617747125999&plah=www.bezahlen.net&bust=31071277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40d8c73575cd54b10f687ce99f0d763e4709dd63372434d004e3e4d6161bbbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 162ms
62ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.bezahlen.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 162ms
62ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bezahlen.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&tn=DIV&cls=middle-center%20_brlbs-block-content%20_brlbs-bg-animation%20show-cookie-box%20_brlbs-bg-dark&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6BE 23 KB
5 KB 145ms
100ms Document
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&adk=1812271804&adf=3025194257&lmt=1672884008&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189428&bpp=8&bdt=674&idt=364&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7314006647700&frm=20&pv=2&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=386

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

1cfaee2958fa9c3fdf877801fb3825db1d181bdd75f199f8fe22f527ab3abed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bezahlen.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 02:03:09 GMT
expires: Thu, 05 Jan 2023 02:03:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8578 436 B
383 B 105ms
104ms Document
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=1990123085&adk=1259079614&adf=991104028&pi=t.ma~as.1990123085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189436&bpp=3&bdt=682&idt=414&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKjUEasejo&p=https%3A//www.bezahlen.net&dtd=422

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

0b092ac11ea3d4183ae85f41f8f656760c85cf8423deb0342be332d473dcde00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bezahlen.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 02:03:09 GMT
expires: Thu, 05 Jan 2023 02:03:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E226 60 KB
12 KB 962ms
802ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7780279330&adk=2969664610&adf=2267346395&pi=t.ma~as.7780279330&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189439&bpp=1&bdt=685&idt=484&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Fvp8mvHrAJ&p=https%3A//www.bezahlen.net&dtd=489

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e06a738004b78827c67b1c5d136ed9024ac2a387426abc91fd908a9d8a8e250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bezahlen.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 02:03:10 GMT
expires: Thu, 05 Jan 2023 02:03:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6357 111 KB
36 KB 1077ms
1073ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d28bb573cffa77af97b7e84563484245237bab798cbd06002eaff4474b5e6c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bezahlen.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 37328
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 02:03:11 GMT
expires: Thu, 05 Jan 2023 02:03:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D96A 85 KB
25 KB 868ms
867ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=1667486496&adk=89566618&adf=2844431369&pi=t.ma~as.1667486496&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189442&bpp=1&bdt=688&idt=517&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=3860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TnVmC7Jka6&p=https%3A//www.bezahlen.net&dtd=522

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34b90d180e92175b71aba450d3177101b8aa6b68e821fb396a09953fbd18e256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bezahlen.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 25376
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 02:03:10 GMT
expires: Thu, 05 Jan 2023 02:03:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 8C2F 221 KB
61 KB 167ms
39ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7780279330&adk=2969664610&adf=2267346395&pi=t.ma~as.7780279330&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189439&bpp=1&bdt=685&idt=484&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Fvp8mvHrAJ&p=https%3A//www.bezahlen.net&dtd=489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 16026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8C2F 14 KB
5 KB 236ms
108ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 16026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8C2F 94 KB
28 KB 243ms
115ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 15:36:51 GMT
age: 37580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 15:36:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8C2F 5 KB
2 KB 257ms
129ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 16026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8C2F 40 KB
13 KB 258ms
131ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 16026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8C2F 6 KB
3 KB 264ms
136ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79e86049a33a4706f4e46501c1268f61536aa9ed3943113c308076b2403c53f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 20:55:44 GMT
age: 18447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2457
x-xss-protection: 0
server: sffe
etag: "d4430c48bac670ef"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 20:55:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8C2F 43 KB
2 KB 143ms
63ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d2cdc33a01967787075c67728204819a1c4b23d621bdeb44727fa612a25d585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 02:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 00:41:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 02:03:11 GMT

GET
H2 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8C2F 3 KB
3 KB 178ms
77ms Image
image/png 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:54:21 GMT
x-content-type-options: nosniff
server: cafe
age: 22130
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2958
x-xss-protection: 0
expires: Thu, 05 Jan 2023 19:54:21 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8C2F 295 B
415 B 178ms
76ms Image
image/png 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 00:34:47 GMT
x-content-type-options: nosniff
server: cafe
age: 5304
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 06 Jan 2023 00:34:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C2F 0
17 B 118ms
116ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChoKn3i-2Y8v2B5OLlQfW369A5Kn5lW7zoYiQ9BDKr6XelA4QASC1iOIeYPsBoAHDoP7QKMgBCakCBmGgCJTKsT6oAwHIAwiqBPQBT9AEt_q4XQI6HXvCPu5fMtXoYZ9WKa1XyGAaezVazrFbaR2BhQNXdXloCp75xd19vHszdnT-9-_U0Z8PA2WkxhGtT2xPGQo97gXJ5TT4ozXJFWYj9-3050kwGqH4Cwtxg24lDDR6vuELvZRMEOiqm9WNN4Tzi_ou7Ll2CFL_2fSWrz6bPVUbrIhqP0NqHthcxpj0fN_kpyOxTxIdeIsbLYp5dQMJri_zsdT64TpGnFnVSNfF2RM8QIy-xGc7ybbVerl2Ph2Ec0wDSLBNfvUYSfNWRhEPu6bC149yi9eOlEH5LTJgQAARczaaGyLfOqrDvrAEzsAEtLaYspgEkgUECAQYAZIFBAgFGASgBi6AB8PYzrADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQi-gI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjg4NjYxNzc0NzEyNTk5ORgA&sigh=-ntI2HEQ210&uach_m=[UACH]&cid=CAQSGwDq26N9wIOPEGOPcP77tS2kXF4Xjijk1Jr4xBgBIBM&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7780279330&adk=2969664610&adf=2267346395&pi=t.ma~as.7780279330&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189439&bpp=1&bdt=685&idt=484&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Fvp8mvHrAJ&p=https%3A//www.bezahlen.net&dtd=489
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 02:03:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 62f4f124d109aa0011294c75.png
tpc.googlesyndication.com/sadbundle/17467856249764020159/ Frame 8C2F 3 KB
3 KB 153ms
52ms Image
image/png 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17467856249764020159/62f4f124d109aa0011294c75.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d78fdd4ca7864777d55a8ce47933c5f1d6e76d487b0a9075dd041fe2ad5545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 06:53:17 GMT
x-content-type-options: nosniff
age: 68994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3155
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 14:33:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jan 2024 06:53:17 GMT

GET
DATA 200
OK truncated
/ Frame 8C2F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b91e4db6438461ada0f9b455aca91ff7366ea4c1459d620802c3c764bc21e1ab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame D96A 3 KB
601 B 142ms
62ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=1667486496&adk=89566618&adf=2844431369&pi=t.ma~as.1667486496&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189442&bpp=1&bdt=688&idt=517&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=3860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TnVmC7Jka6&p=https%3A//www.bezahlen.net&dtd=522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 02:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 00:19:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 02:03:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame D96A 2 KB
818 B 138ms
51ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame D96A 24 KB
10 KB 125ms
39ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 04:28:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame D96A 3 KB
1 KB 133ms
50ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 04:28:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame D96A 18 KB
7 KB 131ms
45ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D96A 154 KB
48 KB 178ms
78ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 02:03:11 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame D96A 34 KB
14 KB 118ms
39ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D96A 0
0 97ms
97ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjWy23i-2Y5SPCKil9u8Pw_uPyAnPtLLcbbz1rMexENnu4fXWNxABILWI4h5g-wGgAY6I_eACyAEGqAMByAMCqgT0AU_QahdUCnQBHhnMwZwlubvns6kb84swtAkFAT9O1du6NOpMMCFwf5010sTxGqkbeqdu7wgdLNVksKfTzOgfo9FL79YLIR23auCai7_xPGcE2tRkqQ2h1MDjMEuT_QdiZ4dNByqs-tunxvdW8vixdWxOFeo7I_sEllAFQkHs6-s1oWf_IuaiPzTyHWo___-XPMR2A4glyVEaaKAxtnZbWad6wL4-b6tuhubFViXxA5rI1Aa5k8NkofBOvNztF2kcIfgqV8hqU22daY4ZH9GzlFjrJ9Qj40GzTtOT7gV-BIqUbB_PyJOT6VggNHYLJd0y3HepkkjABM_VxsOSBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAe1iq-iAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDtiALSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi0yODg2NjE3NzQ3MTI1OTk5GAA&sigh=ig6WwHksrdI&uach_m=[UACH]&cid=CAQSKQDq26N9cO3iWjA31CIsEo5Bv03NzwTSfcTY05t08a4ecGmUImoO0_OMGAEgEw&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=1667486496&adk=89566618&adf=2844431369&pi=t.ma~as.1667486496&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189442&bpp=1&bdt=688&idt=517&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=3860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TnVmC7Jka6&p=https%3A//www.bezahlen.net&dtd=522
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 02:03:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D96A 29 KB
29 KB 152ms
39ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSuN7pCF7FhaVFB_ZTrDFI96WtUkP7vezrKM_gfDq-pd_igO5RNFkq-ODG_cw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d68c766c896af6d96cdc8f2d5455b62e619d4d3caefc1183754e93da6413a79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 01:17:53 GMT
x-content-type-options: nosniff
age: 175518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29416
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 12:46:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 03 Jan 2024 01:17:53 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D96A 5 KB
5 KB 174ms
39ms Image
image/png 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQvpTYpQZlRIahtahgcAzJ2H1153XgcaX2UFX8HmG-XEn0TlnrZ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d1cb6afd5c7d4161b719b1b73ab16564f145e713e90287ea0f72cef534cd8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 14:32:58 GMT
x-content-type-options: nosniff
age: 387013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4742
x-xss-protection: 0
last-modified: Wed, 29 Aug 2018 18:40:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 31 Dec 2023 14:32:58 GMT

GET
H3 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 8C2F 13 KB
13 KB 120ms
40ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 190880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:01:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DA31 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 66908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D96A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd9ca6b4b527aa04fc1b3d36bf82a2aff1a9f8699b568964d0ceb48bde7c9ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 6357 2 KB
535 B 62ms
62ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 02:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:44:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 02:03:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6357 2 KB
765 B 245ms
163ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6357 0
0 82ms
82ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgB2l3i-2Y53jB8C89u8P_NmF2AXttYvwbcrBt4HDEP3KmsW5MBABILWI4h5g-wGgAbG955ADyAEJqQIGYaAIlMqxPqgDAcgDywSqBP0BT9AgC-GzMCExZyRmsf1zjkVZYs4yX-tOerTgxHgoGUscdFIrkjL0MmSV7YpKb5Vz5RO8PpPX9TB989xaxFyeBcIwdz1aSnaUqj0yj2-uYVCbb7iXHuvUY1KfITrvnQxV0UpRBu6fPVKCpIpN_ejw6pqChenJHSWfR_ckA8Z7IEIn9hKPdrXni4ZlofrdEl48VfaqHu_klPX7-Oq4hYizIzxVIRJOD5g51FB9ce8KwwjwcCrWQVyVIup6qWCjRCJUx0VnwKA22LTrDYLdP5BxuuATmOnFG4eCrgwB_15qmfnY47s_8OT3TvguJEMZ-ftHrpCNF_S4Jj6uPTwp68AEt7a6mIEEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9WMl2-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQjqkD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMjg4NjYxNzc0NzEyNTk5ORgA&sigh=Vh-fckCudvQ&uach_m=[UACH]&cid=CAQSKQDq26N9LEaRAcaNssb-FBd-5kVXyUYqA5dieqULJCr46-GC8eGeJezVGAEgEw&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 02:03:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame DA31 35 B
463 B 219ms
150ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIi_ZfKebs7tV23GlFjNQLs&google_cver=1&google_push=AavPq0NuvGz4AjsillcAmF-rZhUeUCvAY1yGxMc-lTR1XcfvBr69XGOvb7acbhd8YBG2VSuRIpadumwGpdrpbsm9fCJIydKKj0eGDcM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DA31
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKKKRh1U76jcJRdyUh9EdH0&google_cver=1&google_push=AavPq0MuULwvSApnDavoG83as0e8MFdxF1_T7QZYvS0i88LIYdp44r5gHWKP6gzRgLdNbglncj6KdKJ_XZ22UMjBqZABRq5yVFSAqso
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AD4F8283A56E45CC81A3987B30D66AC9&google_push=AavPq0MuULwvSApnDavoG83as0e8MFdxF1_T7QZYvS0i88LIYdp44r5gHWKP6gzRgLdNbglncj6KdKJ_XZ22UMj...

170 B
329 B

85ms
63ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AD4F8283A56E45CC81A3987B30D66AC9&google_push=AavPq0MuULwvSApnDavoG83as0e8MFdxF1_T7QZYvS0i88LIYdp44r5gHWKP6gzRgLdNbglncj6KdKJ_XZ22UMjBqZABRq5yVFSAqso

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 02:03:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AD4F8283A56E45CC81A3987B30D66AC9&google_push=AavPq0MuULwvSApnDavoG83as0e8MFdxF1_T7QZYvS0i88LIYdp44r5gHWKP6gzRgLdNbglncj6KdKJ_XZ22UMjBqZABRq5yVFSAqso
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 04 Jan 2023 02:03:11 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DA31
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECcIikonwoJf_EbZm3cSfFk&google_cver=1&google_push=AavPq0ONv-uAzLvc06HxmjCmXaZZ-9vYdO_Ae-TeiyTp6rFRL0yR9WvZfI0P0zbSai-fLanQhdPhrrff5lG...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0ONv-uAzLvc06HxmjCmXaZZ-9vYdO_Ae-TeiyTp6rFRL0yR9WvZfI0P0zbSai-fLanQhdPhrrff5lGxeUrz1kw84hY01F1RYiE&google_hm=XwixW2y6R_aq56jxQ...

170 B
232 B

99ms
64ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0ONv-uAzLvc06HxmjCmXaZZ-9vYdO_Ae-TeiyTp6rFRL0yR9WvZfI0P0zbSai-fLanQhdPhrrff5lGxeUrz1kw84hY01F1RYiE&google_hm=XwixW2y6R_aq56jxQRo84BI

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0ONv-uAzLvc06HxmjCmXaZZ-9vYdO_Ae-TeiyTp6rFRL0yR9WvZfI0P0zbSai-fLanQhdPhrrff5lGxeUrz1kw84hY01F1RYiE&google_hm=XwixW2y6R_aq56jxQRo84BI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame DA31 0
174 B 222ms
146ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPs39cECIibnvGNjGO_00p4&google_cver=1&google_push=AavPq0O46yw7gPVCuGze4qGUDfHPYqHxQ6_HoRYbNr0WSo81Kv0WbExGtP7Uq7gfu3_8Blq9dIHbpZK48XOLTxyUuHQ-1EOslFYQ0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=1667486496&adk=89566618&adf=2844431369&pi=t.ma~as.1667486496&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189442&bpp=1&bdt=688&idt=517&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=3860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TnVmC7Jka6&p=https%3A//www.bezahlen.net&dtd=522
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 google
d5p.de17a.com/cookies/ Frame DA31 35 B
125 B 291ms
49ms Image
image/gif 213.155.156.168
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEIAAXF7XJtvqCA8TIxN72ts&google_cver=1&google_push=AavPq0O8XDxjW19LRhf3l2qZL8hSN9dxFMCWsvkoE0_9R9DAhr-UksruisOr0oN2EOekWyJHogadyzJ9ViV1ccKTTrgTkN7s3XKBBsw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=1667486496&adk=89566618&adf=2844431369&pi=t.ma~as.1667486496&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189442&bpp=1&bdt=688&idt=517&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=3860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TnVmC7Jka6&p=https%3A//www.bezahlen.net&dtd=522
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.168 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-168.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA31
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDRYKoETmUwINhYQ_I2lSsg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDRYKoETmUwINhYQ_I2lSsg&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDRYKoETmUwINhYQ_I2lSsg&google_hm=Y7Yv3wXDKYNekKOvuVZLbwAAFBoAAAIB&google_nid=index&google_push=AavPq0PJekuYR1uxyjSDdiXn65zIGo9zM-Qdd...

170 B
188 B

143ms
62ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDRYKoETmUwINhYQ_I2lSsg&google_hm=Y7Yv3wXDKYNekKOvuVZLbwAAFBoAAAIB&google_nid=index&google_push=AavPq0PJekuYR1uxyjSDdiXn65zIGo9zM-QdddZD2TaYy6g9kgplL5ymPbGQ6IAjnZNwKLNxwjLF5Y6NCX-D5XmkpBqogk3jL0TPWKI

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmIJWBMzJP598%2Fd94sR4MCfXCXpRZkgZhNWKnfWiQZj8Q7WUyIoGstubByMA3OKhCMQgo9WfZoX3epCvM3RfHr%2FP3sC81cNGFUzBvm3kU3Ac2gbjUqNuUlLCbSbw7n0If%2Fas5fFcWkaL6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDRYKoETmUwINhYQ_I2lSsg&google_hm=Y7Yv3wXDKYNekKOvuVZLbwAAFBoAAAIB&google_nid=index&google_push=AavPq0PJekuYR1uxyjSDdiXn65zIGo9zM-QdddZD2TaYy6g9kgplL5ymPbGQ6IAjnZNwKLNxwjLF5Y6NCX-D5XmkpBqogk3jL0TPWKI
cache-control: no-cache
cf-ray: 7848a2d4dcccd3f8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DA31
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECuFIbbK-UwOR50u2ban8FY&google_cver=1&google_push=AavPq0PJoaxCYaYD_TSf_iyKLdVGSBUi6vw_I2MajiNeAmFlA7-G-CLVJCowxPZgXoMNFAucLloTRcDAoaVyZGNBg4zIguPPO8...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PJoaxCYaYD_TSf_iyKLdVGSBUi6vw_I2MajiNeAmFlA7-G-CLVJCowxPZgXoMNFAucLloTRcDAoaVyZGNBg4zIguPPO8c...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMzcxODIyNDUyMTQ2NTg4NTE2MA%3D%3D&google_push=AavPq0PJoaxCYaYD_TSf_iyKLdVGSBUi6vw_I2MajiNeAmFlA7-G-CLV...

170 B
232 B

63ms
63ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMzcxODIyNDUyMTQ2NTg4NTE2MA%3D%3D&google_push=AavPq0PJoaxCYaYD_TSf_iyKLdVGSBUi6vw_I2MajiNeAmFlA7-G-CLVJCowxPZgXoMNFAucLloTRcDAoaVyZGNBg4zIguPPO8cnfYA

Requested by

Host: www.bezahlen.net
URL: https://www.bezahlen.net/ratgeber/bestellen-bei-shein/

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMzcxODIyNDUyMTQ2NTg4NTE2MA%3D%3D&google_push=AavPq0PJoaxCYaYD_TSf_iyKLdVGSBUi6vw_I2MajiNeAmFlA7-G-CLVJCowxPZgXoMNFAucLloTRcDAoaVyZGNBg4zIguPPO8cnfYA
date: Thu, 05 Jan 2023 02:03:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DA31 0
232 B 311ms
59ms Image
text/html 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jt4mrHP37ITtbpXC9xFmqa0z4pwSifGH-xzTaX9cAq_a5LPZFtLf5RqmPWgmFQ1HEXEM5L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 6357 24 KB
9 KB 230ms
164ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6357 3 KB
1 KB 243ms
177ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6357 18 KB
7 KB 236ms
171ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6357 0
0 266ms
60ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVg9peDQwF2-NHXtvervid7ZlLjXKXb7dUW3fksTTCFA-Mab-MmAukGyCkjWeCbPH28-aRnAfZYMOFIHo79_tsMUEG1A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6357 154 KB
47 KB 282ms
76ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 02:03:11 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 6357 34 KB
14 KB 44ms
39ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6357 17 KB
17 KB 337ms
133ms Image
image/jpeg 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT4MmmaQ8SPa3kfeo8O0L7cT0Ue6MLTfNhgVPeKgt5Uhve8-ak0RW4yANxs1-Q&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cde58b3b37875732751deeac7f233ccc2d956d87c1d96db46e0e10ce05f427c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2022 14:32:41 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16922
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 05 Jan 2024 02:03:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6357 25 KB
25 KB 202ms
187ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQp0t0ZbW9PSsocKEzhEdv5aBWrOOCORVWXHtevzjp8H1Z4nB3b9Ome2b3YXeM&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd32772a60a36d02e8c1660aa21ec6cffda151f9703727e7cade898a96306d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Jul 2021 14:43:28 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25446
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 05 Jan 2024 02:03:11 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6357 13 KB
13 KB 309ms
105ms Image
image/jpeg 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSIWjcOe9a9PVtO72WZBWIoLA62uAidyF9z4wX8EDhSbj5h2NhAN1ithyfOtw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71840a44320341ad58d70f5a20ee6ab84c306e40b0774bcf4f549cc5afe1f1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 24 Apr 2022 07:27:33 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13468
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 05 Jan 2024 02:03:11 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6357 17 KB
17 KB 312ms
108ms Image
image/jpeg 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRO51TpNKBGUGf3OiIhEvUypES-fgXZhjbWyYwx1nG8hE1-60I3ATFU5UnIUQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33e19f0f4b236910645ba75c8875b693fe69cd516528278f51bf58b72b8f624a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 24 Apr 2022 07:29:25 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17806
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 05 Jan 2024 02:03:11 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6357 13 KB
13 KB 243ms
40ms Image
image/png 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQBYIyad50sRk50t4wNuc73zskvWQDnCGMd7yxya5znM5dPsu_a&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d65038e902b9f63589cb2f8a14f0639cde1a15c4c6b2e13604287fa55a9634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 05:54:32 GMT
x-content-type-options: nosniff
age: 331719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12921
x-xss-protection: 0
last-modified: Thu, 28 Feb 2019 08:42:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 01 Jan 2024 05:54:32 GMT

GET
DATA 200
OK truncated
/ Frame 8C2F 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20086089bb6f72a49ee93f58cf09a8277a894dedf3fbfd4fd46af65a586cb890

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012211060024000/ 23 KB
8 KB 192ms
39ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7054618d6d88e0ec7d1065f8dcc60911c9ad2cdb1ab832f3a2d4602a9dc5a34

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 01:38:31 GMT
age: 87880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7860
x-xss-protection: 0
server: sffe
etag: "a403c481d3db7074"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 01:38:31 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D96A 20 KB
20 KB 72ms
72ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:58:56 GMT
x-content-type-options: nosniff
age: 209055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 15:58:56 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D96A 21 KB
21 KB 80ms
80ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:03:06 GMT
x-content-type-options: nosniff
age: 208805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 16:03:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 05B4 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 66908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6357 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f7fb5dd08601841846f3b90cae22b2d6eaf4cbd80f1ccaac792ef0ca238e279

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 05B4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMHDgj53GD5FEGh_H1mT9wQ&google_cver=1&google_push=AavPq0MmCNHYd07q-eYXweidt3HO-mVbapzIJre9hTMLEusoSpY9KqXeuhrqGlhgNYoLL0YBDtqnlZVc6q4bzfvHCjr8pOlLM5kTZVj1
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ0MTQyOTI2OTU0MTQ3NDc5NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMHDgj53GD5FEGh_H1mT9wQ&google_cver=1

43 B
398 B

93ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMHDgj53GD5FEGh_H1mT9wQ&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMHDgj53GD5FEGh_H1mT9wQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05B4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENA4FfAg30R4sRZOcykSNEk&google_push=AavPq0OSKcGcKfPq94as7yKaRpQ3rTlWmYQ3YwblQ0YgX25qKarDRyo4Kk...

170 B
188 B

63ms
63ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENA4FfAg30R4sRZOcykSNEk&google_push=AavPq0OSKcGcKfPq94as7yKaRpQ3rTlWmYQ3YwblQ0YgX25qKarDRyo4Kk5vjMxuBcDCqXoFZGyG6RbEyDu9tVlCaEVgiAj0Jzm9ejR_

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cdg20767-CDG
pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1672884192.590567,VS0,VE78
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENA4FfAg30R4sRZOcykSNEk&google_push=AavPq0OSKcGcKfPq94as7yKaRpQ3rTlWmYQ3YwblQ0YgX25qKarDRyo4Kk5vjMxuBcDCqXoFZGyG6RbEyDu9tVlCaEVgiAj0Jzm9ejR_
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05B4
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEjqHv_rOGrFJMzmR4DQ1Ns&google_cver=1&google_push=AavPq0Nd5cl_bTJgBegjPSjREU5JbhwJ0YlFKQNWFO43bx0OgtvgKvXUkVM82LYv-l8Jffs1QlDJjYHApI51S0...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0Nd5cl_bTJgBegjPSjREU5JbhwJ0YlFKQNWFO43bx0OgtvgKvXUkVM82LYv-l8Jffs1QlDJjYHApI51S086tHJgkzR7zkAdWCTg&google_hm=hmO2L9_PumTD7...

170 B
188 B

144ms
64ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0Nd5cl_bTJgBegjPSjREU5JbhwJ0YlFKQNWFO43bx0OgtvgKvXUkVM82LYv-l8Jffs1QlDJjYHApI51S086tHJgkzR7zkAdWCTg&google_hm=hmO2L9_PumTD7miWTQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63B62FDFCFBA64C3EE68964DBLIS

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AavPq0Nd5cl_bTJgBegjPSjREU5JbhwJ0YlFKQNWFO43bx0OgtvgKvXUkVM82LYv-l8Jffs1QlDJjYHApI51S086tHJgkzR7zkAdWCTg&google_hm=hmO2L9_PumTD7miWTQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63B62FDFCFBA64C3EE68964DBLIS
date: Thu, 05 Jan 2023 02:03:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05B4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJnQWk91aVeQgZzGbwq-kWc&google_cver=1&google_push=AavPq0PNVcy8yWULFd_NNJgZCVNq6-vUIUVMCqOqPt46rjPq3h7jz2Xg_EVrxW_SmNCbdEffBsMGbhal6V5mx7nEdMRaRZt...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PNVcy8yWULFd_NNJgZCVNq6-vUIUVMCqOqPt46rjPq3h7jz2Xg_EVrxW_SmNCbdEffBsMGbhal6V5mx7nEdMRaRZtdUlt1fhbg&google_hm=eS1WSHZmS250RTJwRk...

170 B
188 B

117ms
63ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PNVcy8yWULFd_NNJgZCVNq6-vUIUVMCqOqPt46rjPq3h7jz2Xg_EVrxW_SmNCbdEffBsMGbhal6V5mx7nEdMRaRZtdUlt1fhbg&google_hm=eS1WSHZmS250RTJwRkVsUWxlZG13T1c2LjNFaWllbzB2cX5B

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 02:03:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PNVcy8yWULFd_NNJgZCVNq6-vUIUVMCqOqPt46rjPq3h7jz2Xg_EVrxW_SmNCbdEffBsMGbhal6V5mx7nEdMRaRZtdUlt1fhbg&google_hm=eS1WSHZmS250RTJwRkVsUWxlZG13T1c2LjNFaWllbzB2cX5B
content-length: 0

GET
H2 200 google
d5p.de17a.com/cookies/ Frame 05B4 35 B
125 B 50ms
48ms Image
image/gif 213.155.156.168
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEDTvmo_gAfiRIaNQKItGb_k&google_cver=1&google_push=AavPq0Oxa2qHiHp1DxEQmR24dl96VdFBIwg8HFuFXksF6dsfXh7Sh8-azTr9yEEEw88Q9rWD5opGSqk3FAK3AVtVvrh_ClJUZQZz3-R6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.168 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-168.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05B4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK0F_MXfTU2cIuXkJ1bwKIA&google_cver=1&google_push=AavPq0NU4l0FHTcIPGL6wh2wyWv7HkJSbmqEjZEBwt4HQUx5ZaXMIds9eLWLutWJJ9_g8cf4Uo3ogeDQ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK0F_MXfTU2cIuXkJ1bwKIA&google_cver=1&google_push=AavPq0NU4l0FHTcIPGL6wh2wyWv7HkJSbmqEjZEBwt4HQUx5ZaXMIds9eLWLutWJJ9_g8cf4Uo3...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc2MTY3NTQxOTM5NTIzMTA1Mg&google_push=AavPq0NU4l0FHTcIPGL6wh2wyWv7HkJSbmqEjZEBwt4HQUx5ZaXMIds9eLWLutWJJ9_g8cf4Uo3oge...

170 B
188 B

62ms
62ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc2MTY3NTQxOTM5NTIzMTA1Mg&google_push=AavPq0NU4l0FHTcIPGL6wh2wyWv7HkJSbmqEjZEBwt4HQUx5ZaXMIds9eLWLutWJJ9_g8cf4Uo3ogeDQl3vIFHJS6IC1R4MRJd4pPsuv

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc2MTY3NTQxOTM5NTIzMTA1Mg&google_push=AavPq0NU4l0FHTcIPGL6wh2wyWv7HkJSbmqEjZEBwt4HQUx5ZaXMIds9eLWLutWJJ9_g8cf4Uo3ogeDQl3vIFHJS6IC1R4MRJd4pPsuv
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05B4
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGniH7eVxE98mti9Pp1NjjM&google_cver=1&google_push=AavPq0MNaBPPx2daXDXtSUi4Oj4cSOIjO6cFUBoaIkP-hKR1ftld0Jfr4w52bB2HeyRRumfJIe4xugBRZqKSMQcZRaJNPlcVsYhr9YE
https://rtb.openx.net/sync/dds?google_gid=CAESEGniH7eVxE98mti9Pp1NjjM&google_cver=1&google_push=AavPq0MNaBPPx2daXDXtSUi4Oj4cSOIjO6cFUBoaIkP-hKR1ftld0Jfr4w52bB2HeyRRumfJIe4xugBRZqKSMQcZRaJNPlcVsYhr9...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MNaBPPx2daXDXtSUi4Oj4cSOIjO6cFUBoaIkP-hKR1ftld0Jfr4w52bB2HeyRRumfJIe4xugBRZqKSMQcZRaJNPlcVsYhr9YE&google_hm=g35PK5ywyaAgTJAHwgjq...

170 B
188 B

64ms
63ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MNaBPPx2daXDXtSUi4Oj4cSOIjO6cFUBoaIkP-hKR1ftld0Jfr4w52bB2HeyRRumfJIe4xugBRZqKSMQcZRaJNPlcVsYhr9YE&google_hm=g35PK5ywyaAgTJAHwgjqQg==

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MNaBPPx2daXDXtSUi4Oj4cSOIjO6cFUBoaIkP-hKR1ftld0Jfr4w52bB2HeyRRumfJIe4xugBRZqKSMQcZRaJNPlcVsYhr9YE&google_hm=g35PK5ywyaAgTJAHwgjqQg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: njsmfofohiafm6nohco9qjgita2iusts

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 05B4 0
40 B 61ms
60ms Image
text/html 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILkJ1xhKGfHh4IH-igY1tiQkIhOeKe5e4XkfmgPG8jdnH0TYuK3ijSGbSawFpyiXxdTFOQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6357 20 KB
20 KB 40ms
39ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 15:58:56 GMT
x-content-type-options: nosniff
age: 209055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 15:58:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 151ms
72ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07f352094debf626c13dc9f024edfde1a36c418e1f7f11ab9620861ba27d8b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11143
x-xss-protection: 0

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 170F 36 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2886617747125999&output=html&h=280&slotname=7517196085&adk=614820840&adf=2321287395&pi=t.ma~as.7517196085&w=930&fwrn=4&fwrnh=100&lmt=1672884008&rafmt=1&format=930x280&url=https%3A%2F%2Fwww.bezahlen.net%2Fratgeber%2Fbestellen-bei-shein%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672884189440&bpp=2&bdt=686&idt=509&shv=r20230103&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C930x280&nras=1&correlator=7314006647700&frm=20&pv=1&ga_vid=1054998781.1672884190&ga_sid=1672884190&ga_hid=113027746&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C44780792&oid=2&pvsid=1751397513414269&tmod=1587486528&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hU9TIt8qWJ&p=https%3A//www.bezahlen.net&dtd=513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:13:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 99ms
99ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 02:03:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D9ED 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bezahlen.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 01:48:06 GMT
expires: Fri, 05 Jan 2024 01:48:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D7E 783 B
536 B 153ms
65ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ad03c8f32b057d03312618c926dcd5194d8ec0cf29b29610575422957ec0f9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3m5dOBqJBgFsrQR1JT7jJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bezahlen.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-3m5dOBqJBgFsrQR1JT7jJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 02:03:11 GMT
expires: Thu, 05 Jan 2023 02:03:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame D9ED 36 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:13:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D7E 0
0 71ms
71ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=1751397513414269&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D9ED 0
10 B 39ms
39ms Image
text/plain 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jMs2cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:03:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8C2F 42 B
64 B 76ms
75ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7t0FUA0wSWTFba-8NL_sl19lqXuTW_osMXTKsxXmxe9m4Pe7wgkAeNjrxoqkKNeGz1x006b3yPzeuAPuesdWI_CUlf-UExoxvbTEhNpq7iOALWkthgvfftRrsg8CjzDrZznQvBg&sai=AMfl-YQZBjyTPuj529-VnBTHhVyLCgnQy-ZC8pomt4NfM_qzD23NgDAAT8quoNZ-kJMJO7_S7NIAWHsYs2f_2bw&sig=Cg0ArKJSzDnsQSDDOpnxEAE&cid=CAQSGwDq26N9wIOPEGOPcP77tS2kXF4Xjijk1Jr4xBgBIBM&id=ampim&o=170,767&d=930,240&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=420&tls=1421&g=100&h=100&tt=1421&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 02:03:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=1751397513414269&bg=!cHOlczfNAAYDMoyoIzI7ACkAdvg8WmRCsNIvIjgeRK9_TwukWhcKDms0OFSLLq7v_utZtopkD6C_RQIAAABYUgAAAAhoAQeZAqlZg6THfvmcvWlRDV807Ms5JpNIPPcimB1phU-tAX_3voa7lnQg3XnH6uGI_Q-9w3UDa6hEVGKu4_HaLp2yFcaWfyTDTmRklQhHPhjI5Kkli482u56MzV3sip-wWGhCTKbpJn4ghN-nn7T3bKch7MBWaxG-sczBYRB_t1DHGCLZYGU6FJysxSxU9aYNALbMFUtFVsfmzLXb3yluUz-u7RMsSo2k6LutQHdNrEcHogvEzDt6T_bBn1r7oNHxWzqJ6HK3w8wmN9papSb3NAwpP-mi9yM-NjO7FME7Pro5HKMKDzKFVGwThV6LC-QyKG8ZbPxXsjr61eKpu7pVsTVbuuaFRBEq7rPnCtitaEF4sdg-radZq0jdNU0_Y_dK3bw7X9exL7lyStxyzBZc_Pm4Tb5hKAE-A6tOig1zFVQ7kCp9vv6gnO110nWXce3Omys1VPc6tOL_aMuTfWsEKETCaM7NAmTfN90ORaP_7cjBsC1QHZrelCKuOCyFVQLooWSOLpvXPHJgCP-M4IPc2cjw5MGkxbL8WBTqH4EB1ByebE8_DK0BU2VglO5QQorDg4DvHVyjV1WlfdgCUGtfo4zwFaaY4SDxeotJRbh7KiJYjJ3l9RWck0E7Bfte3mvCaHJxBSQ6mAL6MwrIrPmTBo7RZLOpZRJvLB_jE4k9NRPH5lZRoCQtMMfaFYTD4_Kp5h0Z8fsrP0FAF_YHi3ZpDvmz3oxeu7Ip4IxNLcZtyRP93lZldbobsbDkzhEHyRo8w2ZqyYhfaTN9KGDpdk43LPjtAhK_nR2hqNAUpheuk_JyOd8rqg37985nuAdRTlM8787SWZPOBVwOLsbsoZJRHPpSjPESNiZ6zhadxamisgltd0OLrut0a3BqQrXISXUGY7sOEBEm9sUaJN-aBbY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.bezahlen.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bezahlen.net/	1970-01-20 09:24:36	Name: advanced_ads_browser_width Value: 1600
www.bezahlen.net/	1970-01-20 08:42:50	Name: pvc_visits[0] Value: 1672970589b27198
.bezahlen.net/	1970-01-20 18:03:00	Name: __gads Value: ID=7b09c6742716d9db-22271fd7fdda002c:T=1672884189:RT=1672884189:S=ALNI_MZPawHz423Kik0bbHivfBKr4xxfDg
.bezahlen.net/	1970-01-20 18:03:00	Name: __gpi Value: UID=00000b9d57fe6ebb:T=1672884189:RT=1672884189:S=ALNI_MYjRWhbsUMwTb1arFPr0M0QtvULDA
.doubleclick.net/	1970-01-20 18:03:00	Name: IDE Value: AHWqTUmeiMKb-cNnvnF_is_YLmkiHYy5NjMPk2hJ4RZmc7CbLB586ukzPOivlaJoJk0
.ctnsnet.com/	1970-01-20 17:27:00	Name: gid_CAESECcIikonwoJf_EbZm3cSfFk Value: 1
.ctnsnet.com/	1970-01-20 17:27:00	Name: cid_5f08b15b6cba47f6aae7a8f1411a3ce0 Value: 1
.quantserve.com/	1970-01-20 10:51:00	Name: d Value: EEIBCQH9J4EA
.quantserve.com/	1970-01-20 18:11:38	Name: mc Value: 63b62fdf-600ad-83ece-6d64a
.simpli.fi/	1970-01-20 17:28:26	Name: suid Value: AD4F8283A56E45CC81A3987B30D66AC9
.blismedia.com/	1970-01-20 17:27:04	Name: b Value: 63B62FDFCFBA64C3EE68964DBLIS
.3lift.com/	1970-01-20 10:51:00	Name: tluid Value: 4313718224521465885160
.casalemedia.com/	1970-01-20 17:27:00	Name: CMID Value: Y7Yv3wXDKYNekKOvuVZLbwAA
.casalemedia.com/	1970-01-20 10:51:00	Name: CMPS Value: 5146
.casalemedia.com/	1970-01-20 10:51:00	Name: CMPRO Value: 5146
.casalemedia.com/	1970-01-20 10:51:00	Name: CMTS Value: 5184
.openx.net/	1970-01-20 17:27:00	Name: i Value: 8f84fa4e-9cb1-4f79-9cee-14587536e305\|1672884191
.turn.com/	1970-01-20 13:00:36	Name: uid Value: 4441429269541474795
.yahoo.com/	1970-01-20 17:27:21	Name: A3 Value: d=AQABBN8vtmMCEB00dwCd817UgKpRqXbA9fEFEgEBAQGBt2PAYwAAAAAA_eMAAA&S=AQAAAo7vuNKWGL6FTDYOAoeUz0Q
.adform.net/	1970-01-20 09:26:02	Name: C Value: 1
.everesttech.net/	1970-01-20 17:27:00	Name: everest_g_v2 Value: g_surferid~Y7Yv3wAAASeqIwAZ
.adform.net/	1970-01-20 10:07:48	Name: uid Value: 1761675419395231052

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.fr
bezahlen.net
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
ssum-sec.casalemedia.com
sync-tm.everesttech.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.bezahlen.net
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
141.0.23.218
142.250.180.226
142.251.208.130
151.101.130.49
172.64.154.237
2001:678:cb4:bbbb::11
213.155.156.168
2606:4700::6812:acf
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1158:1000:406::3da
2a00:1450:400d:802::2001
2a00:1450:400d:803::2002
2a00:1450:400d:803::2003
2a00:1450:400d:806::2002
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:808::2003
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200a
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2002
2a05:d018:d29:3605:2ff3:9a7b:16d6:ab3d
34.91.62.186
34.96.105.8
35.186.193.173
35.227.252.103
37.157.4.28
76.223.111.18
07f352094debf626c13dc9f024edfde1a36c418e1f7f11ab9620861ba27d8b4b
0b092ac11ea3d4183ae85f41f8f656760c85cf8423deb0342be332d473dcde00
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f31e5e932c571050bc9b8291cb15ad6708d65b5db22ee8e7806096868f1a552
0f7fb5dd08601841846f3b90cae22b2d6eaf4cbd80f1ccaac792ef0ca238e279
1af970ea633ab1576cf585e8dc3502757035656477865b78883fff8543d73250
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1cde58b3b37875732751deeac7f233ccc2d956d87c1d96db46e0e10ce05f427c
1cfaee2958fa9c3fdf877801fb3825db1d181bdd75f199f8fe22f527ab3abed2
20086089bb6f72a49ee93f58cf09a8277a894dedf3fbfd4fd46af65a586cb890
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
2165e2c26c55abda30802c47b96c0299eed7de988ab2ef405b35036b4fbdeb6a
231cfbe93871f228c30313539a6a71638f94e7e8cb5fa427217fb65c7f6931b9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
2a6f675e0cc9be4a0f99d3ab8ba5e8ce474f0a062bd2f1e24ca17db4fae66acb
2ad03c8f32b057d03312618c926dcd5194d8ec0cf29b29610575422957ec0f9b
2c20efb71eda6a9ed50cb1be67a2ccb9e6cfd124b5e35d5643d7d8dba1b356f9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33e19f0f4b236910645ba75c8875b693fe69cd516528278f51bf58b72b8f624a
34b90d180e92175b71aba450d3177101b8aa6b68e821fb396a09953fbd18e256
40d8c73575cd54b10f687ce99f0d763e4709dd63372434d004e3e4d6161bbbc3
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
47c28f037e4ef8bde348674051fe6186b6a7cabeddc376fc70fb9a9dd9b47ed5
47d65038e902b9f63589cb2f8a14f0639cde1a15c4c6b2e13604287fa55a9634
48446357cf9c75846a7c3053f653f7973a1e5291b0a349e89c435f9e6d939bc3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d970440e01b3772bd54181ba9ee9e607d21a4cf983e4da87056b8e49b6d178
4aa648d57636bd52477cb0133d1dafa2e979010c795470191cc9cd8c925230b6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5d7e4c45cdad295c9a0523246e6b562e1e8a2d1986349681acd8973e51209c95
5e06a738004b78827c67b1c5d136ed9024ac2a387426abc91fd908a9d8a8e250
5f0a0610e7fa0e2ee6d126bc34e0949903bffafd5f31337953ce11e31e999a99
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
6a106bdab4bd33f2d66d7b63b1b9fe31ad8085d1b90d913fdcd2d704e61ff57a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ce40d9a8cffef73732d5e2fe59a7c591d5ff42a1dd0bf5c778e33f6cc2636cd
6d8f733395b1d8aa3410f9f6a1cc0074d0c5ce56a35203909192a067bc6594dd
6fa0781177fa226f77251daa88692491078a497b5c02cf683a24f8b3f929348d
71840a44320341ad58d70f5a20ee6ab84c306e40b0774bcf4f549cc5afe1f1d9
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72ab34eefebc21cb82fdc59d1909d9c66a787fa8bc24d667c39357023d072d05
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
79e86049a33a4706f4e46501c1268f61536aa9ed3943113c308076b2403c53f4
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7d2cdc33a01967787075c67728204819a1c4b23d621bdeb44727fa612a25d585
7dfd0cc0bc2c551f9779249efaac0a586b85fa33f11f5b3cbda5093a01ea3e42
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
897cb7fc75e606ca3a83a84b3777af6ff8f91eee1e9f49ddfbd0ad8aa33a9968
8d1cb6afd5c7d4161b719b1b73ab16564f145e713e90287ea0f72cef534cd8fd
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8eef739a33711eec931d396e6299adf7f6a728f49028d45b51070cd6a46c18d5
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
99bf178cafbeeb68e77cf937075d06cd2f5d542ebccd6891a4b8f5e2782ee196
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7d78fdd4ca7864777d55a8ce47933c5f1d6e76d487b0a9075dd041fe2ad5545
a7e1e9ff97c687c37763a0ad144b7fcfefff597b1efc2a4ab372b2070fdb56d9
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b620a31e04a613f198fd3b2fdeba1bed4b6f0df2e546c27c7643898fbe716d37
b7054618d6d88e0ec7d1065f8dcc60911c9ad2cdb1ab832f3a2d4602a9dc5a34
b91e4db6438461ada0f9b455aca91ff7366ea4c1459d620802c3c764bc21e1ab
bb03e5bfea9e65b4024d93b0367854a57f15dabee1daa9783fad30c7b5f28bb7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c14d9b2555507b5699f96450ac0528f0f14bd41246761ff7c14106267268c0b4
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c40db5a5096fe29187b9654ad9a948f0d96edb3926168275b3a71e9cb38151e4
c8eaf570579573c5c9b39775bd643d1f2feb99a44706a561badf3f4edfdd665f
ca231b8534066f197595dd6f38c576d47fd9703e0957e0f01fa5c6ca3c173c1b
cf9461ed071730021509e98005c7568714e6ffe98ef520357e2d052d25b534f4
cfd32772a60a36d02e8c1660aa21ec6cffda151f9703727e7cade898a96306d1
d28bb573cffa77af97b7e84563484245237bab798cbd06002eaff4474b5e6c9f
d31341c4a2f45fa0ef9a458648c638d4e3ab6849afcbf93444ffc5e70557bfb2
d68c766c896af6d96cdc8f2d5455b62e619d4d3caefc1183754e93da6413a79e
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
dfd9ca6b4b527aa04fc1b3d36bf82a2aff1a9f8699b568964d0ceb48bde7c9ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea81fa1c4c1ae3e408cba8a9475197e0edac0b15da5dc2ac25f5f91fbbfbd227
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f87adb35a81c0dd96ab93f8dce01805e2fe1bd31536ea74506805b3d211e3b46
f8ac899cf584713afc1624e07bd48454a522e490bb44662848357a83eec44e75
fac5e917a02e3a5df3536c729276f22b40347dbf45bdd0c3b1f8922f1f71e68c
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

www.bezahlen.net Open in urlscan Pro 2a00:1158:1000:406::3da Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

88 %HTTPS

61 %IPv6

24 Domains

33 Subdomains

23 IPs

7 Countries

2005 kBTransfer

4259 kBSize

22 Cookies

7 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bezahlen.net Open in urlscan Pro
2a00:1158:1000:406::3da Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

88 %
HTTPS

61 %
IPv6

24
Domains

33
Subdomains

23
IPs

7
Countries

2005 kB
Transfer

4259 kB
Size

22
Cookies

121 HTTP transactions
6 data transactions