www.shytobuy.de Open in urlscan Pro
2606:4700:3108::ac42:28fc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://praamountplus.com/
Effective URL:
https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
Submission: On February 15 via api (February 15th 2022, 8:21:27 pm UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 25 domains to perform 144 HTTP transactions. The main IP is 2606:4700:3108::ac42:28fc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.shytobuy.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 19th 2021. Valid for: a year.

This is the only time www.shytobuy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.182.251 103.224.182.251	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 3	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
71	2606:4700:310... 2606:4700:3108::ac42:28fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.63.46 65.9.63.46	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:4400:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.63.27 65.9.63.27	16509 (AMAZON-02) (AMAZON-02)
1	104.160.72.8 104.160.72.8	46469 (GETRESPON...) (GETRESPONSE-IMPLIX)
11	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	52.214.94.201 52.214.94.201	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.79 143.204.215.79	16509 (AMAZON-02) (AMAZON-02)
1	52.48.188.246 52.48.188.246	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	52.213.204.33 52.213.204.33	16509 (AMAZON-02) (AMAZON-02)
1	65.9.63.123 65.9.63.123	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	52.30.171.74 52.30.171.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.2.114 18.66.2.114	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
144	31

2 103.224.182.251 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-251.above.com

praamountplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.92.94.3 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2606:4700:3108::ac42:28fc (United States)

ASN13335 (CLOUDFLARENET, US)

www.shytobuy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-46.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:4400:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.63.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-27.fra56.r.cloudfront.net

widgets.trustedshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.160.72.8 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: mta-2.e-healthexpress.co.uk

www.e-healthexpress.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.94.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-94-201.eu-west-1.compute.amazonaws.com

the.sciencebehindecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-79.fra53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.188.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-188-246.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.204.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-204-33.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-123.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.171.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-171-74.eu-west-1.compute.amazonaws.com

ws15.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-114.txl50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	shytobuy.de www.shytobuy.de	1 MB
16	google.com apis.google.com — Cisco Umbrella Rank: 86 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 32	231 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	55 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 574 script.hotjar.com — Cisco Umbrella Rank: 726 vars.hotjar.com — Cisco Umbrella Rank: 809 in.hotjar.com — Cisco Umbrella Rank: 1615 ws15.hotjar.com — Cisco Umbrella Rank: 58628	66 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 331	12 KB
5	1redirc.com 1 redirects 1redirc.com	8 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6342	826 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	3 KB
3	gstatic.com www.gstatic.com	4 KB
3	trustedshops.com widgets.trustedshops.com — Cisco Umbrella Rank: 22119	85 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	185 KB
2	sciencebehindecommerce.com the.sciencebehindecommerce.com — Cisco Umbrella Rank: 61895	5 KB
2	zenaps.com www.zenaps.com — Cisco Umbrella Rank: 18832	995 B
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 4642 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 4293	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	30 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	312 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	115 KB
2	lookandfind.me lookandfind.me	1 KB
2	praamountplus.com 2 redirects praamountplus.com	1 KB
1	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19741	50 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2057	257 B
1	e-healthexpress.co.uk www.e-healthexpress.co.uk	967 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4379	8 KB
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14416	755 B
1	clever-redirect.com 1 redirects clever-redirect.com	429 B
144	25

	Domain	Requested by
71	www.shytobuy.de	lookandfind.me www.shytobuy.de
11	www.google.com	apis.google.com 1redirc.com www.google.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	bat.bing.com	1redirc.com bat.bing.com
5	1redirc.com	1 redirects 1redirc.com
4	www.google.de
4	apis.google.com	1redirc.com apis.google.com www.google.com
3	www.gstatic.com	www.google.com
3	widgets.trustedshops.com	1redirc.com widgets.trustedshops.com
3	www.googletagmanager.com	1redirc.com www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	the.sciencebehindecommerce.com	www.dwin1.com the.sciencebehindecommerce.com
2	www.zenaps.com	www.dwin1.com www.zenaps.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.facebook.com
2	connect.facebook.net	1redirc.com connect.facebook.net
2	lookandfind.me	1redirc.com
2	praamountplus.com	2 redirects
1	play.google.com	www.google.com
1	analytics.webgains.io	1redirc.com
1	ws15.hotjar.com	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	script.hotjar.com	static.hotjar.com
1	www.e-healthexpress.co.uk	www.googletagmanager.com
1	rum-static.pingdom.net	1redirc.com
1	www.dwin1.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.awin1.com	1 redirects
1	clever-redirect.com	1 redirects
144	33

This site contains links to these domains. Also see Links.

Domain
de.trustpilot.com
www.shytobuy.fr
www.shytobuy.it
www.shytobuy.es
www.shytobuy.se
www.shytobuy.uk
www.shytobuy.dk
www.shytobuy.fi
www.shytobuy.nl
www.facebook.com
www.instagram.com
www.comfortclick.eu

Subject Issuer	Validity	Valid
lookandfind.me R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-19` - `2022-06-18`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-25` - `2022-02-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2021-12-14` - `2022-12-13`	a year	crt.sh
widgets.trustedshops.com Amazon	`2021-08-24` - `2022-09-22`	a year	crt.sh
e-healthexpress.co.uk R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2021-07-19` - `2022-08-20`	a year	crt.sh
*.pingdom.net Amazon	`2021-12-07` - `2023-01-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
Frame ID: D7484F19D5107988179619DFAA1984E5
Requests: 129 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=110097934&position=BOTTOM_LEFT&origin=https%3A%2F%2Fwww.shytobuy.de&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
Frame ID: 09AD5356B05BD042AC695DD72470470E
Requests: 13 HTTP requests in this frame

Frame: https://www.zenaps.com/alt.php?mid=22721&sv=22721_1644956483_317857d8709d3807159cf6d2e222db70
Frame ID: E695DD1C1B996BDAE0890708E2487B06
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 3FA08458E8DF6EEB8568198322CDC8A7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 97CC3DCECEB47825C24C6309B23036B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Persönliche Pflege für Männer und Frauen | ShytoBuy.de

Page URL History Show full URLs

http://praamountplus.com/ HTTP 302
https://praamountplus.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D43713... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=437136484&sid=2022021607212186af4c5044eb4fbad5 HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=shytobuy.de&s1=721614&s2=&s... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D22721%26id%3D926315%... Page URL
https://www.awin1.com/awclick.php?mid=22721&id=926315&pref1=42ebee57a89e34631d65c6767b76d539&pref2=DE HTTP 302
https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

144
Requests

97 %
HTTPS

47 %
IPv6

25
Domains

33
Subdomains

31
IPs

5
Countries

2237 kB
Transfer

4850 kB
Size

28
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://de.trustpilot.com/review/shytobuy.de

Search URL Search Domain Scan URL

URL: https://www.shytobuy.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.shytobuy.it/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.shytobuy.es/
Title: Español

Search URL Search Domain Scan URL

URL: https://www.shytobuy.se/
Title: Svenska

Search URL Search Domain Scan URL

URL: https://www.shytobuy.uk/
Title: English

Search URL Search Domain Scan URL

URL: https://www.shytobuy.dk/
Title: Dansk

Search URL Search Domain Scan URL

URL: https://www.shytobuy.fi/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://www.shytobuy.nl/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/ShytoBuy-Deutschland/657755994300232

Search URL Search Domain Scan URL

URL: https://www.instagram.com/shytobuy_de/

Search URL Search Domain Scan URL

URL: https://www.comfortclick.eu/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://praamountplus.com/ HTTP 302
https://praamountplus.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D437136484%26sid%3D2022021607212186af4c5044eb4fbad5&s=j&enc=WWsvODFFczZieUo2MDRiQmh3MTIrWDQ5ZmpKTVlVNVNNbmxvYmpBck9WZzRjR3BQT1VKTFRXZGliblp6VGpGUmVXcHRZVGhpWlcxVVdYaFlaVXAzUzJsTVkySmthMUpwZDBsbWQzcFNVSFJ5V0UxTVZEUmpiaTlRVmpKMVFsazRlVEIzY1dONVRXOVBTR0pwUmpVek4ybFlkWHBzV2tRemJHOWtVbGxPTDFCUkx5dEVTRkZ2ZWpZMlYxZGFNMk51VTJKMFJsQXZMMWtyVlhZd1JGUjVaWE5JYzNSMVRYWnZiMWxvZDFoVmRsTldhakV6UlZFMVZsTm5hbXhMZVhWalZsVmhZemNyTlcxWVdYQTBTbUpGTlVOcVNIRndZMEl6VTJ0MFRtOVNaRVp0VkhnNVprVnBlR280UkZKaWMzbGlZV2x0YlRoR2FIcEVaRFJTZVZka1JuaEJSSFZFZGsxTlFYcHVTa0V3YkcwdmNVMU9WRWxWV1U5eFEyVlpVbXAyYkZKT09ETm5kWFZVUkVGelNVWk5RbXBWZVZSc1JWZFViRWQ2WTNGRFdsSk9kSFpVY0RRME4yaEdaVlJNY2k4elowVlpNU3RtU0M5QmMwZEZTV1V3VlVsbFFVdFhOVk5DV1RFeWIxQjZRMWN4S3pWWFZtSjZkVEJRT0ZGbFIzTlJTa3RWU25WV1RHZ3pLMXBYVW05UE9YZE9RM2wzZWxKTFZ6VmFhVWhhVDJ0S1lUWlFaRzh6UTNsNVdGbHBlVFZ1YTBKYWJUSXJOVWN5TTNwUE5uVlNla1JpZWsxb1UwMHdaRlJSY0VkTVVuVk1XbUYyZUhwRmNFZFRXbk41TlhGTVUzQXdkM0o0UzJOdGRVeFVXRlJPTDBkbFlXY3JSV1pGYlUxT1RIQkVhR0pRVjI5cllqaEdTRVpQVkZsUWVFYzVkVVZ1T0dFNVpVOTJUREU0TmxNck4yTjZSRGRQUjBSYVdrNVZZMms0WW5SRVNYaHpPVzFhZVhSeVR6aFNka2cxVVZoSFpsbEhja0l3ZVdGSFJVRnpOM3BUV1ZWc1FqSjBOSGwyY1hwNE1XbHJUa0ZxWkc5emNsQkRPREY1UlRoc2NteEZSbUZFYjNkd2FUaFRTRXhrUjJGNVJFaEVOVGxJWjA5Q1RITlpZbFZLWWxWeWQwOVVUQ3REVERSUE1URXJUVlJTTkVwRmNsbE9kbkZwUlVSak0yZGpUMGhNTUZObmQwWkpVbll6ZGpadFFYaFFVWEJqZWtZMmJIcFhSM0pQZVVsTGFXVk1LM0ZCYkU5NVZtcERlVXhrUTJVckwyTnpOM05zY1c1amVYQnRUMlpMWXpGVmNGSXJWR3h5ZFVOeGVYUllaRXBqWjFWcFduWm1iR0o0WTJGRlNIcE5kVWsxT1ROQk5VMVdWRlJRVkd0dFpHOUlRVzl0VVZkeU5WZHBVemN5WmtvclVIaE9hVEJKZEZwa01rUlJkSHBVVGxGMUsyWkpRMlptVDNjeWRYQjZaVlJtUm5ONlZtOVNZMUZXTkUweGEwdHVSRUpRT1VKYVRreGpRa1J6YW0wdldEZ3hVblJNYVdWUlBRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=437136484&sid=2022021607212186af4c5044eb4fbad5 HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=shytobuy.de&s1=721614&s2=&s3=437136484&s5=wc Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D22721%26id%3D926315%26pref1%3D42ebee57a89e34631d65c6767b76d539%26pref2%3DDE&h=37edaa83f65e99a32fb82ddb960d8136 Page URL
https://www.awin1.com/awclick.php?mid=22721&id=926315&pref1=42ebee57a89e34631d65c6767b76d539&pref2=DE HTTP 302
https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://praamountplus.com/ HTTP 302
https://praamountplus.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D437136484%26sid%3D2022021607212186af4c5044eb4fbad5&s=j&enc=WWsvODFFczZieUo2MDRiQmh3MTIrWDQ5ZmpKTVlVNVNNbmxvYmpBck9WZzRjR3BQT1VKTFRXZGliblp6VGpGUmVXcHRZVGhpWlcxVVdYaFlaVXAzUzJsTVkySmthMUpwZDBsbWQzcFNVSFJ5V0UxTVZEUmpiaTlRVmpKMVFsazRlVEIzY1dONVRXOVBTR0pwUmpVek4ybFlkWHBzV2tRemJHOWtVbGxPTDFCUkx5dEVTRkZ2ZWpZMlYxZGFNMk51VTJKMFJsQXZMMWtyVlhZd1JGUjVaWE5JYzNSMVRYWnZiMWxvZDFoVmRsTldhakV6UlZFMVZsTm5hbXhMZVhWalZsVmhZemNyTlcxWVdYQTBTbUpGTlVOcVNIRndZMEl6VTJ0MFRtOVNaRVp0VkhnNVprVnBlR280UkZKaWMzbGlZV2x0YlRoR2FIcEVaRFJTZVZka1JuaEJSSFZFZGsxTlFYcHVTa0V3YkcwdmNVMU9WRWxWV1U5eFEyVlpVbXAyYkZKT09ETm5kWFZVUkVGelNVWk5RbXBWZVZSc1JWZFViRWQ2WTNGRFdsSk9kSFpVY0RRME4yaEdaVlJNY2k4elowVlpNU3RtU0M5QmMwZEZTV1V3VlVsbFFVdFhOVk5DV1RFeWIxQjZRMWN4S3pWWFZtSjZkVEJRT0ZGbFIzTlJTa3RWU25WV1RHZ3pLMXBYVW05UE9YZE9RM2wzZWxKTFZ6VmFhVWhhVDJ0S1lUWlFaRzh6UTNsNVdGbHBlVFZ1YTBKYWJUSXJOVWN5TTNwUE5uVlNla1JpZWsxb1UwMHdaRlJSY0VkTVVuVk1XbUYyZUhwRmNFZFRXbk41TlhGTVUzQXdkM0o0UzJOdGRVeFVXRlJPTDBkbFlXY3JSV1pGYlUxT1RIQkVhR0pRVjI5cllqaEdTRVpQVkZsUWVFYzVkVVZ1T0dFNVpVOTJUREU0TmxNck4yTjZSRGRQUjBSYVdrNVZZMms0WW5SRVNYaHpPVzFhZVhSeVR6aFNka2cxVVZoSFpsbEhja0l3ZVdGSFJVRnpOM3BUV1ZWc1FqSjBOSGwyY1hwNE1XbHJUa0ZxWkc5emNsQkRPREY1UlRoc2NteEZSbUZFYjNkd2FUaFRTRXhrUjJGNVJFaEVOVGxJWjA5Q1RITlpZbFZLWWxWeWQwOVVUQ3REVERSUE1URXJUVlJTTkVwRmNsbE9kbkZwUlVSak0yZGpUMGhNTUZObmQwWkpVbll6ZGpadFFYaFFVWEJqZWtZMmJIcFhSM0pQZVVsTGFXVk1LM0ZCYkU5NVZtcERlVXhrUTJVckwyTnpOM05zY1c1amVYQnRUMlpMWXpGVmNGSXJWR3h5ZFVOeGVYUllaRXBqWjFWcFduWm1iR0o0WTJGRlNIcE5kVWsxT1ROQk5VMVdWRlJRVkd0dFpHOUlRVzl0VVZkeU5WZHBVemN5WmtvclVIaE9hVEJKZEZwa01rUlJkSHBVVGxGMUsyWkpRMlptVDNjeWRYQjZaVlJtUm5ONlZtOVNZMUZXTkUweGEwdHVSRUpRT1VKYVRreGpRa1J6YW0wdldEZ3hVblJNYVdWUlBRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=437136484&sid=2022021607212186af4c5044eb4fbad5 HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=shytobuy.de&s1=721614&s2=&s3=437136484&s5=wc

144 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://praamountplus.com/
https://praamountplus.com/
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JM...

4 KB
3 KB

692ms
166ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 67405cfc3de628adb9e825fbf92871dd6dc89e4760d028df60a9f97160d85698

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 15 Feb 2022 20:21:22 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2316
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 15 Feb 2022 20:21:21 GMT
Server: Apache/2.4.25 (Debian)
Location: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 162ms
161ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 20:21:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.25 (Debian)
ETag: "383-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 394ms
237ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 20:21:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.25 (Debian)
ETag: "27ef-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 355ms
188ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=WWsvODFFczZieUo2MDRiQmh3MTIrWDQ5ZmpKTVlVNVNNbmxvYmpBck9WZzRjR3BQT1VKTFRXZGliblp6VGpGUmVXcHRZVGhpWlcxVVdYaFlaVXAzUzJsTVkySmthMUpwZDBsbWQzcFNVSFJ5V0UxTVZEUmpiaTlRVmpKMVFsazRlVEIzY1dONVRXOVBTR0pwUmpVek4ybFlkWHBzV2tRemJHOWtVbGxPTDFCUkx5dEVTRkZ2ZWpZMlYxZGFNMk51VTJKMFJsQXZMMWtyVlhZd1JGUjVaWE5JYzNSMVRYWnZiMWxvZDFoVmRsTldhakV6UlZFMVZsTm5hbXhMZVhWalZsVmhZemNyTlcxWVdYQTBTbUpGTlVOcVNIRndZMEl6VTJ0MFRtOVNaRVp0VkhnNVprVnBlR280UkZKaWMzbGlZV2x0YlRoR2FIcEVaRFJTZVZka1JuaEJSSFZFZGsxTlFYcHVTa0V3YkcwdmNVMU9WRWxWV1U5eFEyVlpVbXAyYkZKT09ETm5kWFZVUkVGelNVWk5RbXBWZVZSc1JWZFViRWQ2WTNGRFdsSk9kSFpVY0RRME4yaEdaVlJNY2k4elowVlpNU3RtU0M5QmMwZEZTV1V3VlVsbFFVdFhOVk5DV1RFeWIxQjZRMWN4S3pWWFZtSjZkVEJRT0ZGbFIzTlJTa3RWU25WV1RHZ3pLMXBYVW05UE9YZE9RM2wzZWxKTFZ6VmFhVWhhVDJ0S1lUWlFaRzh6UTNsNVdGbHBlVFZ1YTBKYWJUSXJOVWN5TTNwUE5uVlNla1JpZWsxb1UwMHdaRlJSY0VkTVVuVk1XbUYyZUhwRmNFZFRXbk41TlhGTVUzQXdkM0o0UzJOdGRVeFVXRlJPTDBkbFlXY3JSV1pGYlUxT1RIQkVhR0pRVjI5cllqaEdTRVpQVkZsUWVFYzVkVVZ1T0dFNVpVOTJUREU0TmxNck4yTjZSRGRQUjBSYVdrNVZZMms0WW5SRVNYaHpPVzFhZVhSeVR6aFNka2cxVVZoSFpsbEhja0l3ZVdGSFJVRnpOM3BUV1ZWc1FqSjBOSGwyY1hwNE1XbHJUa0ZxWkc5emNsQkRPREY1UlRoc2NteEZSbUZFYjNkd2FUaFRTRXhrUjJGNVJFaEVOVGxJWjA5Q1RITlpZbFZLWWxWeWQwOVVUQ3REVERSUE1URXJUVlJTTkVwRmNsbE9kbkZwUlVSak0yZGpUMGhNTUZObmQwWkpVbll6ZGpadFFYaFFVWEJqZWtZMmJIcFhSM0pQZVVsTGFXVk1LM0ZCYkU5NVZtcERlVXhrUTJVckwyTnpOM05zY1c1amVYQnRUMlpMWXpGVmNGSXJWR3h5ZFVOeGVYUllaRXBqWjFWcFduWm1iR0o0WTJGRlNIcE5kVWsxT1ROQk5VMVdWRlJRVkd0dFpHOUlRVzl0VVZkeU5WZHBVemN5WmtvclVIaE9hVEJKZEZwa01rUlJkSHBVVGxGMUsyWkpRMlptVDNjeWRYQjZaVlJtUm5ONlZtOVNZMUZXTkUweGEwdHVSRUpRT1VKYVRreGpRa1J6YW0wdldEZ3hVblJNYVdWUlBRPT0%3D&rand=0.6918641680791406
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 20:21:22 GMT
Server: Apache/2.4.25 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

a
lookandfind.me/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D437136484%26sid%3D2022021607212186af4c5044eb4fbad5&s=j&enc=WWsvODFFczZieUo2MDRiQmh3MTIrWDQ5ZmpKTVlVNVNNbmxv...
https://clever-redirect.com/s/r6?s=721614&s3=437136484&sid=2022021607212186af4c5044eb4fbad5
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=shytobuy.de&s1=721614&s2=&s3=437136484&s5=wc

376 B
741 B

58ms
24ms

Document
text/html

157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=shytobuy.de&s1=721614&s2=&s3=437136484&s5=wc
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 376
content-type: text/html; charset=UTF-8
date: Tue, 15 Feb 2022 20:21:23 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
location: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=shytobuy.de&s1=721614&s2=&s3=437136484&s5=wc
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 15 Feb 2022 20:21:23 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27

GET
H2 200 r
lookandfind.me/s/ 306 B
336 B 15ms
15ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D22721%26id%3D926315%26pref1%3D42ebee57a89e34631d65c6767b76d539%26pref2%3DDE&h=37edaa83f65e99a32fb82ddb960d8136
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=shytobuy.de&s1=721614&s2=&s3=437136484&s5=wc

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 306
content-type: text/html; charset=UTF-8
date: Tue, 15 Feb 2022 20:21:23 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

GET
H2

200

Primary Request / Show response
www.shytobuy.de/
Redirect Chain

https://www.awin1.com/awclick.php?mid=22721&id=926315&pref1=42ebee57a89e34631d65c6767b76d539&pref2=DE
https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

117 KB
23 KB

300ms
252ms

Document
text/html

2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Requested by

Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D22721%26id%3D926315%26pref1%3D42ebee57a89e34631d65c6767b76d539%26pref2%3DDE&h=37edaa83f65e99a32fb82ddb960d8136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.13

Resource Hash

42ee2579a672fac0e0a1b8140f786a04e5f0801a08356543ef80fbf3e05d2af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D22721%26id%3D926315%26pref1%3D42ebee57a89e34631d65c6767b76d539%26pref2%3DDE&h=37edaa83f65e99a32fb82ddb960d8136

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.13
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate no-cache, private
pragma: no-cache
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEVL3T3SmqE6SNJtzAY52cEWmmIidNkdxBqFmwJo7KqpnocFUFUz1Km%2FQnMYjXdEfDtZk7kvwTJ4GYTudvZ1d69%2BXPRVBxgDGMrbpxC43JSVpEHAvtedcucU4eCckiZEahRgmSRe%2Bkyd%2BSua3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6de13e078e7d5ca4-FRA
content-encoding: br

Redirect headers

Content-Length: 0
Location: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
Allow: GET
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Tue, 15 Feb 2022 20:21:23 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2 200 usp-icon.ttf
www.shytobuy.de/assets/shytobuy/fonts/usp-icons/ 44 KB
45 KB 37ms
36ms Font
application/x-font-ttf 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/shytobuy/fonts/usp-icons/usp-icon.ttf

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

030402328b337e6826de921d73c35ca78b00d5023f69cd3f8bc755fd90f3d07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
Origin: https://www.shytobuy.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576
vary: Accept-Encoding
content-length: 45260
x-xss-protection: 1; mode=block
last-modified: Mon, 10 May 2021 11:50:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b0cc-60991df2-f88fb201905bb67e;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCUj%2B5VlSV%2FtI5kV%2BwQsZHSKp0kgOrgatrMNzSDR6CZRWXUkRCm5Yohdy01K3TFQ9xfv3WEBX6pi4b%2BP7ur522xMJdQY7%2F4%2BMB3y7geYhZTRebiOCqJGFaI2WQMW6%2F0hVeUoSIi94H1PnOem%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e096b1e5ca4-FRA

GET
H2 200 opensans-semibold-webfont-webfont.woff2
www.shytobuy.de/assets/shytobuy/fonts/opensans-semibold/ 18 KB
19 KB 36ms
34ms Font
font/woff2 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/shytobuy/fonts/opensans-semibold/opensans-semibold-webfont-webfont.woff2

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a126e3a96f4f3d08f6bfc91cebed7303be9bef796c024a9b2419bcb5fbf66097

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
Origin: https://www.shytobuy.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4658
vary: Accept-Encoding
content-length: 18548
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "4874-5faba8c6-d85177f9cf277202;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afbKdcuNy2Iu0OpjpLxpk7%2FWlIjicdUIi8GR818nCfUSZ2S4WVeZX60YAWhcGyCvJ2V7eOZCgIqkZrOHl4YnRhMAiHsMqfqjdbCZc7%2BX8Qd1wDG9NKw99tVnZ4AxfcnFfqfpEdeyUBgz1S8koA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e096b225ca4-FRA

GET
H2 200 opensans-light-webfont-webfont.woff2
www.shytobuy.de/assets/shytobuy/fonts/opensans-light/ 17 KB
18 KB 61ms
60ms Font
font/woff2 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/shytobuy/fonts/opensans-light/opensans-light-webfont-webfont.woff2

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b111bae6fafeab9e2767cc928149b589cdf935a5c9948c8c475201037b39b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
Origin: https://www.shytobuy.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576
vary: Accept-Encoding
content-length: 17828
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "45a4-5faba8c6-8927af7032d6baf4;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ty4WAqAOBbz%2BHcrgjuxje%2BJgNxISTwFgG3E0qBqzFwYiqJqs36SHkAVpO11WSd1i4sYdSqX%2FKG9ZYDSCTisxk7glH3HYaKv%2BkGAQdAnEbB3RLuCetJwv9ZpOxrGaBWTEZEq3EMcZZQyzo%2Bscw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e096b245ca4-FRA

GET
H2 200 opensans-regular-webfont-webfont.woff2
www.shytobuy.de/assets/shytobuy/fonts/opensans-regular/ 18 KB
18 KB 65ms
64ms Font
font/woff2 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/shytobuy/fonts/opensans-regular/opensans-regular-webfont-webfont.woff2

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10446b66691ce8de620591bf09ed26c1de07d7d991b439d760c95b4126467656

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
Origin: https://www.shytobuy.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576
vary: Accept-Encoding
content-length: 18352
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "47b0-5faba8c6-a3e9f481f0994edd;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bP66NtminQknZxY78o2TbfM%2Br09TyfRRE4ShYIy09kyfLkbmLTfrietXU7%2BkL9E5G6ZSeSnR7DGDG%2FOMuUanEGuWaaZ0%2Foe%2B6MRSvUGnzzBJhuCY16It6t0ardOUcUu3rY3x6tWSnaDg9HUwrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e096b285ca4-FRA

GET
H2 200 OpenSans-Bold-webfont.woff
www.shytobuy.de/assets/shytobuy/fonts/opensans-bold/ 20 KB
20 KB 86ms
85ms Font
application/font-woff 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/shytobuy/fonts/opensans-bold/OpenSans-Bold-webfont.woff

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f21a07b8173a59a6cdf3f46d46a4bd1b14e4146d4e1c80a543021a6d69b2fe8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
Origin: https://www.shytobuy.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"50c4-5faba8c6-cd369bc4de7c27c;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCWSVsHd%2FEqLcQ2oHX8yiOtfVSAaCMV1NouKWwKMrj1ZFKUbQtXNgR73%2BWirKreaCuK%2BX%2BLtaUBD3Qp10%2BS5BlnNS%2Fn1FJBXIO1TKhx%2Fq4AzWXzzS5O82MTBbJfNSDuS02r8lPiCm3xeSyHEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6de13e096b365ca4-FRA

GET
H2 200 main.css
www.shytobuy.de/assets/shytobuy/css/ 325 KB
59 KB 55ms
55ms Stylesheet
text/css 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/shytobuy/css/main.css?ver=4.46

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83d5b85169ec057e50d2cde35b8fe806c5479f1cbc18e9b48f7810d80873312

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 469728
cf-bgj: minify
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Feb 2022 13:21:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"51033-61fa855d-2af1de7553cfbb5e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hel2%2BW4XPkiO55zIEOjkk5RR2X9B87wo%2FOj7Gbt8WV20yQbq96TUoEMPxR1HjFWGOqFNe4iCF4INQg6KvAeVU2qTR6V4tywJWcObplxO8W0DIEpCjFXEa7j9VeTiW%2FiRTNZQdf0uJI9LmUYqtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6de13e096b325ca4-FRA
expires: Fri, 10 Feb 2023 09:52:36 GMT

GET
H2 200 homePage.css
www.shytobuy.de/assets/shytobuy/css/ 12 KB
4 KB 96ms
96ms Stylesheet
text/css 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/shytobuy/css/homePage.css?v=256

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1c8d19e892d90f7fcece0121eb068639e12944716a97808ce9312fcd839877

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Mar 2021 13:05:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"30bf-60589636-d93dc4f821b2e17a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6pXOyoTfxa13MDY%2F6NfZwVfumj0V9AnHDhFj0065WUrXqZ7UTI3gSiVFAsMQPvBT%2FcvH06j%2B3wV6gTBoGyDH1xjZL%2BH1zy%2FrADea5qlSYRPE6jXsfVz94eAQBSCH2ggTrLwEYgNBcxayOrvmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6de13e096b395ca4-FRA
expires: Wed, 15 Feb 2023 20:21:24 GMT

GET
H2 200 logo.png
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/ 2 KB
3 KB 48ms
43ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/logo.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f88c018173cda6e4f60ced5814edecaab6f1acced5a909a9ea46ce29923369ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1035442
cf-polished: origFmt=png, origSize=4530
content-disposition: inline; filename="logo.webp"
vary: Accept
content-length: 2514
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Aug 2020 08:29:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "11b2-5f31055d-fb23655e0678e386;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUSU0nQ%2BEiF1LVqq3DlC73OPUDHJQpMUG9fVBeKH5%2Fq2NCWrUknj%2FewTXMix5VHc0b%2Fq%2FzSkwwBAqWrlZBIUxqjDLseO3jRhfD5s6i6eN64eswdzHY7dBbt62g8aoV%2Fv8aX8rbHBDJcEb0QxUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 03 Feb 2023 20:44:02 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b4c5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 searchIcon.png
www.shytobuy.de/assets/shytobuy/images/ 352 B
779 B 46ms
40ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/images/searchIcon.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6286c7048a4a46366969030585bf568f6c4f1d24dd561d437d74459825bf7358

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 522891
cf-polished: origFmt=png, origSize=1564
content-disposition: inline; filename="searchIcon.webp"
vary: Accept
content-length: 352
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Jan 2021 06:00:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61c-5ff4006b-1391f3a7e0a32849;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcfrRuMnM%2FrEbrOVhOmWoiOtT7kbCG2coaRvRA3BfSARcmDkrB7gM7wU8BODKDZmkHM3Ah36c1A%2BVe9uc5mvMopgHkGV0buk0OX4RuUIaWuWCJN7OTUlb65LmrDv9ZLTyIj7fWidj85SM%2F%2BVtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 09 Feb 2023 19:06:33 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b4e5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 callIcon.png
www.shytobuy.de/assets/shytobuy/images/ 632 B
1 KB 56ms
51ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/images/callIcon.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caacd9ee5a2841279f9be4df420753557d1c5659a26b3495c86c3eb15f9cdb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1862023
cf-polished: origFmt=png, origSize=2087
content-disposition: inline; filename="callIcon.webp"
vary: Accept
content-length: 632
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Jan 2021 06:00:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "827-5ff4006b-280a6185eea187fa;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5VdDOSd01vtM1tatGCqgsipj0aOJT2BV5GtkOH0FSsmNLRLsp0B0%2BeGu5d12eGUaq0Ig6a4UNiZd7R3tkLFDlFfxOK70rrCg1Hpg5W0gAHJhp1oSLAcvtB%2Frv8YGblFZHsaP3N4u5m%2Bg4s0dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Jan 2023 07:07:41 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b525ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 chatIcon.png
www.shytobuy.de/assets/shytobuy/images/ 540 B
967 B 65ms
59ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/images/chatIcon.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e041c7f4900bd38e8679d1a4dcd080fa77f85c3ec1851ab8dff014d9f2aa734

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1035573
cf-polished: origFmt=png, origSize=1697
content-disposition: inline; filename="chatIcon.webp"
vary: Accept
content-length: 540
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Jan 2021 06:00:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6a1-5ff4006b-f67e101057315511;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5ZR2Wa05vLjIsgCAFHJ65VDimoEbsMWP9MFydYcBcYEtFeAs2Qip7qEILYbjnrZaez3I1wcDDpLKxE1%2FUkT87ErwZQd%2B8Pfvk0LKKSY9e49cE%2FHevwLSMEbIAh8%2BP7Qdx6LH47A5Ya%2Bwt3Nxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 03 Feb 2023 20:41:51 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b545ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cartIcon.png
www.shytobuy.de/assets/shytobuy/images/ 532 B
987 B 65ms
60ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/images/cartIcon.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26624e073695efac2c94a1fdebc8c9c2da2cd82dbc3544757fe7ce58ae605f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1862025
cf-polished: origFmt=png, origSize=1818
content-disposition: inline; filename="cartIcon.webp"
vary: Accept
content-length: 532
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Jan 2021 06:00:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "71a-5ff4006b-a9975107816b553a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOVSF0bSUYPV4WCFJbjh0rnwH0Z4DwD4Mvo9DahPSMwJAqRO4UFZqURB4OheDUblBAykq%2FG%2Bf63%2BFqBdjL8rT%2BXYOwqWCb6p%2FnCgwFUjUbrA%2FXrmOBDCdQrzS4347KZjA9OWwPLAj068Oa7L%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 25 Jan 2023 07:07:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b565ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 klarna-logo2.png
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/ 2 KB
3 KB 42ms
37ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/klarna-logo2.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31cc1fa66917274fe3248969946dddee29c54bfb5e3c198e4118bae72bc962ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10843
cf-polished: origFmt=png, origSize=2796
content-disposition: inline; filename="klarna-logo2.webp"
vary: Accept
content-length: 2292
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:30:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "aec-615318fa-8ea49b458b6806d0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28IgFFISm1cGgDRa6o2FJG1gI%2BwVPDDrzD%2F36CwAsvYULpZtCISRGKu%2FtV4yWQwpNQb7yH5kkhoSX%2FSn5F%2FXXjGzdLgxIRUvPwif9s2o%2Bs9OzV6A%2BUC90wUQgA6oCGiRdqPsi7QZILryJSAo5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 15 Feb 2023 17:20:41 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b575ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 shyde-service-banner-home-new.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/ 52 KB
53 KB 54ms
50ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/shyde-service-banner-home-new.jpg?v=1

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c0dee2fbfe7831d39b96163855b9d469d42e919c193172390804cb5336c10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128664
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 53717
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:27:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d1d5-61531829-9b018264c56d7b6a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQvQ4fVCUFv%2FPcLXYywrWrXXxu6qhCbWIstyYVlHpIlXcWUAJOdnZYR8nKB3%2BFTSYbL%2BDebv79wljQXl%2FPnSHfFSouaHME93QMIXrXAfWasx9%2BLAaoxgiwOhjPFknT8i1RgdLYanVVJYjQ31Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:37:00 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b585ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 shyde-viaman-home-page-banner1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/ 46 KB
47 KB 64ms
59ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/shyde-viaman-home-page-banner1.jpg?v=1

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294da8ae576ea40d68f310dd03327328ce475842bcb15d80e58277101105366a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 561937
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 47346
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:27:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b8f2-61531825-cfd0b5ffc2beefcd;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU0FLGwzRWZYiKcNd3Fwv9Gv5JOVPJlb%2FqbqB6Az%2BmklRFZs%2Bsb82qWmIhuyA1xSecefU3o4vDUu%2B5WfWHWfYMruCsSjuBDOl66CibvR9%2Bm3DnSgqmRsgJ9N%2FoUauBvkOCKkgixV9QXHXiQyCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 09 Feb 2023 08:15:47 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b595ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 viaher-de-home-page-banner.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/ 64 KB
65 KB 49ms
44ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/viaher-de-home-page-banner.jpg?v=1

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

738c53f4e44a779f7b83e4903542d03ac6d2835db69710c3a26e1afdd4c06778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128664
cf-polished: origSize=71914, status=webp_bigger
vary: Accept-Encoding
content-length: 65636
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 12:10:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "118ea-615d9222-7c92f8a1686fdacd;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt6JiAffC69djq6qXEimHfekaLZap9K0vVJlF8g4hwHA0z5Z2SS7EEFX8o0kHa8Uep4XMYk%2FOR3a3XNYB4og%2FOWHwXqUW57x8j%2F0ehy6taX%2BYbfTxnFPbP7hSWhEETt%2B78vaT0fhxcL2wu45xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:37:00 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b5b5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 skin-lightening-home-167574077_135.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/category_domain/home/ 8 KB
8 KB 49ms
44ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/category_domain/home/skin-lightening-home-167574077_135.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f64360c9883052e74fd818dee717892c2f5c30aa00093acafb4b60c89bad703

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 7844
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:28:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1ea4-61531866-aab9fdbc5bfe28f6;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsNX2XBSvhcucL0Ta8uzFs9DS43vS%2FU63sVHvBRkF5o54TH0bZcw1IlzB54oVxZjH37ijLDmKEdNtTMj4plVREoW6H7w3999tOF5ByhrgWz%2B5v%2BWPmjwS1caZ5LX26ZAs96seQ1azP%2Fwf9Ij%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b5c5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 teeth-whitining_157.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/category_domain/home/ 12 KB
12 KB 56ms
51ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/category_domain/home/teeth-whitining_157.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70998ec864b63bb5d4220a043db7475094773324e1c001dcba5d360905766c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98852
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 11778
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:28:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2e02-61531867-23f6da0713f18dc3;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDQJpOeSgYD9DDfxzvJhXZlpR3Mfu2jOiDb%2FNDcUr6E6CU5ocNtuF0LUehHeXDJ29NNnadA2pHXnztzj0C9dA9uRH654CJ94aVGb0NCac7BF3c6h9k86NCMpCOgVWLwfR3OZsmR3RKShHF9udg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 16:53:52 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b655ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 thinning-hair-home_178.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/category_domain/home/ 21 KB
21 KB 52ms
48ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/category_domain/home/thinning-hair-home_178.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13794552fab4e8f8bff0be17c0b506921655b5699f73049990293f33091941f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128664
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 21312
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:28:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5340-6153186a-b5d192b80b8cc60a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATHeYoSgLap%2BGvXbjyMNAKhT0duiXsSDuxG6caaPt9qCVWFvmAJmeDLe%2FRe3IPI05BdmwRaFpUoTeNBOLxbsk%2BWxwEHXtv07HB2fK24nb6tt5FaDgU65vI%2FGxLNzj7A7ixWAjRm9VOA9e8vmqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:37:00 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b665ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 male-enhancement-home_189.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/category_domain/home/ 15 KB
16 KB 40ms
36ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/category_domain/home/male-enhancement-home_189.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74492e111cec3b97b63e90ee0e62e714a69fb4db8527585a310db384cbd35e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505914
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 15391
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:28:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3c1f-6153186d-a243bc4f9a4a8d84;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hN%2B%2F2qQ9WOEJDqF3YzdYy%2BEhKztzjWJT8NCvZ50emI98wobur%2BEZsQS9Armz7xfHk8alOcURXvimtt5GAzOxqKxVlgJAOpMBMas5dRpV%2FZhKPU2d3gAA36GmOwYFA4HRFhsdcQ%2Bd0%2Fo8yChM0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 09 Feb 2023 23:49:30 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b675ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 emuaid-blue.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 13 KB
14 KB 44ms
40ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/emuaid-blue.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b5626c7b0857b3541aac4737d38b4ad92b9615b91f46af12479d5048c5e4cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130414
cf-polished: origSize=14997, status=webp_bigger
vary: Accept-Encoding
content-length: 13612
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Nov 2021 11:18:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3a95-61826ff1-58e99d82f08e41ff;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0U1JFBQhdiZvR8wNy5erf992hhbyBzKyboOuoc6qf3XWsZo4N0ePSen013KjkaWyNObCc039YJ1V%2F4N22EZ4WAMvFULj%2Bpgi8Zj2ESfaKc4hopT29qTnyxrLJFj%2BWFZlJAaqSjmUeS4WvwwDVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:07:50 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e097b685ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 emuaid-red.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 14 KB
15 KB 46ms
42ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/emuaid-red.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822eefd63c78db9f4e0b497609e1fff82a64b2acb42fc5c11b084c5b14822812

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 893312
cf-polished: origSize=16252, status=webp_bigger
vary: Accept-Encoding
content-length: 14794
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Nov 2021 10:56:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3f7c-61826ae1-9aa3f9fcdf80d088;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Og2WgmV7vWZusc4HqLpnlbVK8u21VSemKSVL4eAyDqENa6j1YJVdlemSuCG%2F8%2BH8dmtAcLGlo6yazAJv%2FOvraAZQN6HmCgOvcT8mYBl30X1b8sKkftk3W8J8UjbemsqupWXc4almdgQH%2B2x4KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sun, 05 Feb 2023 12:12:52 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b6a5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 selenium.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 15 KB
15 KB 43ms
39ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/selenium.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c5f02c91a7758e1e35a7c701346957ad13875a52d6041ca1b39a9c1329d291

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: origSize=16733, status=webp_bigger
vary: Accept-Encoding
content-length: 15336
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Sep 2021 06:09:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "415d-6149771c-5d684734f66f4930;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oa6sIKUUxZhgi%2FQ%2Fm4OfIYm3WfSGgiME3YyeFogdlIR5jcqH%2FKUaKD5Ydv1LPo%2BzqmFpgMZ5%2BDj%2FYM8yT0QIXGkpKMtvG%2BHzA5IAHQkC%2FD3cF%2Bz5m%2B6CdbxJUsHC2eg%2B07HfDzsrt5nBOsCN9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b6c5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 foligain-biotin-conditioner.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 9 KB
9 KB 80ms
76ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/foligain-biotin-conditioner.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9003cc2be93c9d9905c8f5279b5c3a0fc1bb6a2c64c04ef5a7218aa8f15cf94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: origSize=10435, status=webp_bigger
vary: Accept-Encoding
content-length: 8940
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 11:15:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "28c3-61013c47-9340acb0e36f4ac4;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcXg0%2F%2FxfzlJaYjBo%2FMqqE0uEao5NN%2BTlfqI%2BDSEeC4Z99yj8JGkyJGOMEcN0dt%2FadVH40KXnU1tjwYVRt%2FUJ2sQ1EzOwnnVYiWCSlQtLYB7rvCud%2FwOIO%2BlK%2Ffncjm1N5dz5FdwG4%2B0R3Spaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b6f5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cranberry-with-vitamin-c.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 16 KB
16 KB 54ms
50ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/cranberry-with-vitamin-c.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

669af987b4d05885604acdedc4dfd7eae5222007c61dbcd821266dd2d8c2bd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: origSize=17882, status=webp_bigger
vary: Accept-Encoding
content-length: 16103
x-xss-protection: 1; mode=block
last-modified: Tue, 11 May 2021 10:13:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "45da-609a58ce-c12bdd1314587b9e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nK2adPudvFxjTFU0fGkEEkJjHUrBNxt6bhMBB0su3fqjlf8FR%2BIByxCSlVZX5GpG4Au333irRtNZ9wcnF3v7cYsZvCi2stKdvuDIYAC1SDNdwYtFLse7cWWW10LhFUVpwW%2BGVYQSpk1J7v9vFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b705ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 mysmile-toothpaste-toothbrush-kit-box-1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 7 KB
7 KB 62ms
58ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/mysmile-toothpaste-toothbrush-kit-box-1.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38ebe1604a541ddcd3fab222ee4f70d323ae7e6eb10d3447922e072f1af1930c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 6906
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1afa-615317cd-a0b8c0f25600eb86;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U5y%2FGO7HW%2BtQOiikp3BWHs5NhyQZnL88QEjI%2BumtnPNSJlhPLNwSj9RaC4mnktpb2wEhZc7JbvhrPha8W0Qltnvd8NIh5%2F6uld3jf%2BnyKyl0hk22MDHpqJ6X8KmyEuEXTFsvSjvqi9SVPKx9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b715ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 viaman-tboost-1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 9 KB
9 KB 57ms
54ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/viaman-tboost-1.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb59f433f8191a7af6ecc0509c79c6b6929387fee15723d9ee382822b49e789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505914
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 8920
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "22d8-615317c8-2e963c2ec20283d8;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P8a4TQSznJFufe8DenMwMzjGl21Htdtux1ijvm71mOgo9H0h3X7pdXstsJ4oVYnUhQrY%2FmucGZmpvZ0m82qbcm4OikTphU7LiCZLcwRHaisuoT0Pw6Y2qAnWGdOIGqKX9%2BNNMmCNg0ZBxAMpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 09 Feb 2023 23:49:30 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b735ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 biotin-complex-1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 9 KB
10 KB 45ms
41ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/biotin-complex-1.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22806d064064501e4e2667281f506301657a3e565188fbfbfbf3fa671a77c703

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130414
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 9454
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "24ee-615317ca-cccd65e4b6c42415;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2B0Ei2oTgIHOORXJ2Vq2E7rXdyk7jKJr43K3d%2BEOcvjX7nIi%2FbwFNrneS%2F6H8Pox7nj0fy5ZhXabAci3G6sp7pc6b%2B4sqpszG0Jc2JW%2BJvihvQA%2BMiwOcZGODikF5LdI%2BwaL4VtD2wm8H7%2FjcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:07:50 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b745ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 viaher-pro-front.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 16 KB
17 KB 54ms
51ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/viaher-pro-front.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1dfec2f062c14bd3d13b33434953aa3331f2b17720ee149bcdf7afb677275c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1704272
cf-polished: origSize=17836, status=webp_bigger
vary: Accept-Encoding
content-length: 16383
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 11:39:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "45ac-615d8adb-b0193ec4fdb4c161;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvylvhPJK7DMH3mPl3dwU5s%2Bg7Deyxpiutb2GlPQQ1P9%2BwgrFGIkm3WAEPpURb5NWCbZWouVUyQ%2BYZk%2Fo2YgBxW3RzkSCcIYBdsyDphgoGKUJSJuT7zCRP6WueBj1MXer9PQyhwp%2FpQ7IeGZFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Fri, 27 Jan 2023 02:56:52 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b785ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 viaman-delay-40ml-spray.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 4 KB
5 KB 46ms
42ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/viaman-delay-40ml-spray.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89afeb7ea7fb1e53b0a2fb1a6cbf27e442077c274df71d5b4c9192128e53eae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860276
cf-polished: origSize=4367, status=webp_bigger
vary: Accept-Encoding
content-length: 4343
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "110f-615317cb-6dc91e7ef324125b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYQtnt8uQ1SfcWdEDlg9aeoKUEj8BY7dNFeN%2F9RIcsyKurrJz0BuZqyYlB9HYwlXK8aJKvVCYVLrBsXlmBw%2FvtLYHzVtxi%2BoqS20Q3LzwYH6JmLaTmhlJoTt9XM1Vkot3BSDZcTbDsKaQMxvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 07:36:48 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b7e5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 maxsize-1-new.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 8 KB
9 KB 66ms
63ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/maxsize-1-new.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ebab84fbd212f2516b8297ad0907b739c15ace52b98e2f933b570e58e0ad014

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860276
cf-polished: origSize=8194, status=webp_bigger
vary: Accept-Encoding
content-length: 8191
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2002-615317cd-c49fdf3ff2c839ce;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCAMADwHlDiIZcDCcPNABZ3dZd2tmSxYT5Q2S8fJe5f3PJJfFz2IdkRlrE69QZOE9f%2B%2BiHn83ViAoumiSqBDkZV0x9Ebiyesf%2BJcNRFAoaUFZ0GNl8gaK%2Fe19s%2Bmaim3JowK%2FB41DsYU%2BQrA5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 07:36:48 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b835ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 gmax-x10.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 14 KB
15 KB 45ms
42ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/gmax-x10.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a067c16d02d54a9863ede9d374b25db42133d86f84af9425f632b2b0d1b7f857

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2336880
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 14572
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "38ec-615317cb-22cfa8d9021c998;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UFKuZ9FsRumF5xMwHgDzWnbNzsYV5Q73L2%2BWegrceGH66h6UoDpuwHLTcuudYTvvZOQ9IatWc9OKKWuJX%2F0Hw%2F2s46UJogcaNOW2kokexlTGi%2BbgYtkPKvjWhBwMFZ7uxgeuadn4FC9Di7EvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 19 Jan 2023 19:13:24 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b855ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 total-curve-1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 11 KB
11 KB 53ms
50ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/total-curve-1.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05d3dd11907d6987061092439eee7831debc60fc9528c1079b523cfcff3a3697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143339
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 11005
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Aug 2020 08:28:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2afd-5f31053d-78e815f9c28cc707;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hUnemy4ZJeBmiKKrUfB5K2Y20cOCPGA93Au4k7Q3f3bkkVhGeU0zmZUP4C94IIzErk66X6UeVXtpolRfOen0wFv6BBaPS4FCBKxWj%2BPST9JdgiHgJd0lKLgKCPYMVice02RWMiMM5zYH%2Fiopw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 04:32:25 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b865ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 star-white-1-new.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 9 KB
9 KB 81ms
78ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/star-white-1-new.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08d6d954f1493cb4d94046e867734d818ab9f1372ddd71524beb0bfbfdc2eab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860315
cf-polished: origSize=9130, status=webp_bigger
vary: Accept-Encoding
content-length: 9116
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "23aa-615317c7-1c885cf4e202bcdb;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CMlGTJe1JrVpv2jUyy1dNa0UQwItoD4xFQuUoDD4Kcz09O4%2F9IC4IBS55FQGBeATCIeSyPFXx2iig51LeXRyMFpG50kL94%2BwO2%2FW7rq1rU%2B0nw6A8Phh9N8O4hM%2FdCbx4JMSwQnPE42NlR7RA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 07:36:09 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b885ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 her-solution-gel-2.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 6 KB
7 KB 50ms
47ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/her-solution-gel-2.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00ce40696e8b22c4739763c8255f6682f60a52eee5298ecc69077fbb870bc02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3424022
cf-polished: origSize=7787, status=webp_bigger
vary: Accept-Encoding
content-length: 6639
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Aug 2020 08:28:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1e6b-5f31053b-97bcda0dc0cafbff;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Fc6Z%2FGeqApTox6NzaNdjsnUSQjZCnwz69FkFHqkyTZs%2FETb6yF7O8E1UKakp%2FT2FzSpcz3OxSJ3OHLchx1bJEsJQPHO2XKE%2FrHqNraVBaEkZIsOkojZTapix2pk5lAFPZmgTpmL3r8T4%2F30kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 07 Jan 2023 05:14:22 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b8c5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 sunglow-new.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 6 KB
6 KB 67ms
64ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/sunglow-new.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d216c956bfd615c0a3967ae62b40fb90efaeaef453b48c135544a7dfb852639

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 536886
cf-polished: origSize=6180, status=webp_bigger
vary: Accept-Encoding
content-length: 6168
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1824-615317c8-79b21b923a484e62;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCAPwPv97oA6X3bZeMWyBz1RyK5KBcwLKokpzFzhrrpUfunf4LTYzWGQLPuCdiKiSMjhwgL%2F6kNeUNOg2zG5EgVCEkDQNnaQPrWFLPNxS9KK2yldsoaLS1apROIhk6kcB2NqqXDtnFJ6UlBX7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 09 Feb 2023 15:13:18 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b8e5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 skin-condition-1335878222.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/pages/social_media/small/ 16 KB
17 KB 54ms
51ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/pages/social_media/small/skin-condition-1335878222.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57156bdff68e94fa8110237805e69d8b634f3886cc40a10e16635aef8b7067d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 16821
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:29:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "41b5-615318ae-d7f6a6ee56fc5dd7;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hk4MQIEPP1xKLijbyTXf5QW%2BIkuKnyHWjQbvQFURxp5HkL%2FddCWDG6RsNKjSQoqTKpkVorp68A6%2FvlRnReyNnN9BgWL6tQN7cDu1RNP2Wy8QmDoiczwEZTsq7CPSH5QlWsypTpw5Kr5aKQBQww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b905ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 seo-565877548.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/pages/social_media// 60 KB
60 KB 51ms
48ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/pages/social_media//seo-565877548.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1a725ee56914413c6ff7374a9e506d70a0704b2ba6aea5eb8468f08b662e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: origSize=66482, status=webp_bigger
vary: Accept-Encoding
content-length: 61400
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Aug 2020 08:28:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "103b2-5f31053b-f3c4810626e1fe8c;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E%2Bk4pBdWXGGGPeWisQutrYRFvviqt4UJiicxvwmepJGEY7sRD9bNCoEboXjC6LaJfQXY2qsObURVo5Ykkey06hXyBTrQII6opZrTk8CIbQP5qwLG8FhZfAjSn00IcGopwIUU4b7d2bi8549MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b915ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 seo-1108308884-2.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/pages/social_media/small/ 18 KB
19 KB 45ms
42ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/pages/social_media/small/seo-1108308884-2.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f74e6d99c028b5f4c20f7fd3b77adc884b1ee62585b4449903e4e145646a53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 18810
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:29:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "497a-615318b4-57283d5df56575e4;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AGsF4KINLgAHgw%2Ba7Ambvd622kWnejhVSoISnQMEVMSsZXkfocUfMhj3AWgeqrPAQGuvDGY0A2AGxIlkTfXjfQHPgPLiBrnfYrcQhnq93bi6fw3bCf60EfE080nruroV25aTzpEGihPDqowTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b945ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 seo-469662116.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/pages/social_media/small/ 14 KB
14 KB 53ms
50ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/pages/social_media/small/seo-469662116.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e5578577a76635d2e9e0cf7cfbd14d3c9418ec11905cd964f0897c948d858bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 14260
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:29:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "37b4-615318af-3a339dfc9cef4196;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GU%2BErXGO4GyaiJr2WQ%2BqfqCHry563bzgiYcc0IOmG8fm0UpwlHwygTYAfsOQSPDxx%2FSwoOVuZQb1VgQT8JPWfFthUIYyIy9IJH0PmkVaPzGNDUyW2FYf5d5%2BhdbXXAd%2BpyQwPo97n9FMjf%2FV5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b965ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 home-trust-pilot-4-5.png
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/ 916 B
2 KB 57ms
55ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home-trust-pilot-4-5.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05d05634e34daeed9a1ce7436856020ad2367f34e02270f71d47b45ce828624c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1953215
cf-polished: origFmt=png, origSize=2712
content-disposition: inline; filename="home-trust-pilot-4-5.webp"
vary: Accept
content-length: 916
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Aug 2020 06:54:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a98-5f33920d-b6afd258053652a2;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkDqjsFfyQ8aPzaIPtjL26Ox2%2FmtqtK20B0YDb1CWVSff1Jldx4%2BDmXhTdZxSfb%2Fk2jZM4RGGkpXemu%2BeIu6LEmogYvUHBH4hivA4tRvKCX2iYd7eiqMRkRPe8XfmyIZ6To6tyvo5%2FUrki%2FoEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 24 Jan 2023 05:47:49 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b9a5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 foot-img-new.png
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/ 4 KB
5 KB 51ms
49ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/foot-img-new.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f32399a75fbe79869f38a665e3189ef17d2d51ab4f9e18863bd78227b65aafd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510212
cf-polished: origFmt=png, origSize=4628
content-disposition: inline; filename="foot-img-new.webp"
vary: Accept
content-length: 4116
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:30:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1214-615318f9-d58573f5612ea013;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NPXpBPXxe8enboFl0KaYhTHkIFYUPYzwF4qIVnTSouOPbEaX3dabTThkc3ySKG%2FI6SA%2FiOga7Ccq90awtUw2QcIH3eyTzDhenUGPUqKQ%2F7x6%2Bz7seR42HvZrZVGDDTB2aeBfJGT6BNb%2Fx8qSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 09 Feb 2023 22:37:52 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b9b5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 msg_tick.png
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/ 1 KB
2 KB 42ms
40ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/msg_tick.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ecf3b04234a631113f4cd6adba91ec189a902759a054adae69e313bb009de98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 524167
cf-polished: origFmt=png, origSize=7003
content-disposition: inline; filename="msg_tick.webp"
vary: Accept
content-length: 1310
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Aug 2020 08:29:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1b5b-5f310560-ef96f89a59f67bd8;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYRr8ZjjxFbvGuKWUJuUUKiq%2FK0ycJsojdXzTf9tNsukObL3uCsSVQ0%2BWn%2FPWGvlku1HLEapV%2BvV4zqeuwm7L7XdolmAPWI90cOYqBBQRCHzi20RdMK59vfHHbYoTgwmpbhDhRF%2Fn5SoL3tHiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 09 Feb 2023 18:45:17 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e098b9f5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 rocket-loader.min.js Show response
www.shytobuy.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 37ms
35ms Script
application/javascript 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Fri, 11 Feb 2022 20:14:10 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6206c392-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZeSl3ycM9LPBDz%2BuCCYBz%2FWIA9NQfzxjBann4cz0EpCMlsXRnMwPLbTl7aO1IINza55WwFqWY2bylOhNNfw9KN7eAROmqct%2FkA1YlF9z%2BKwzHkS%2FMnf%2FDEB8M683a8qTq7hj%2BOQMuTHHa6tUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6de13e098ba05ca4-FRA
expires: Thu, 17 Feb 2022 20:21:24 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ww-comman.js Show response
www.shytobuy.de/assets/js/ 791 KB
208 KB 50ms
45ms Script
application/x-javascript 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/js/ww-comman.js?ver=4.46

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e44ac0492d93953497ba7cc4cad3de9106bb65250fe5142172a80ecd7273bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 469728
cf-polished: origSize=810001
cf-bgj: minify
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c5c11-5faba8c6-72d3575aafeec45b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQRVuuUkm3WjIrdJ8gqOe9oa1FtlaAinMaV6KQKMYKmad4Icvv0%2F3xd2cn%2F0EzN4uhsA%2F7TGCQFPFM5DycwGNhlMMRCC%2BdJeUidYQ%2FHRKRUnt42FOv5AYeTDC%2BDYxyx0iSVjuzCpjED2emZdUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6de13e09dc205ca4-FRA
expires: Fri, 10 Feb 2023 09:52:36 GMT

GET
H2 200 brandMenuJs.js Show response
www.shytobuy.de/assets/js/ 20 KB
5 KB 38ms
32ms Script
application/x-javascript 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/js/brandMenuJs.js?ver=4.46

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5426875ceb50e492c6d93c800d86c5935c95d7511a13474a985cbd249e98d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 469728
cf-polished: origSize=30621
cf-bgj: minify
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"779d-5faba8c6-724d132baa1f1928;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFmVYNQfiTo5KdSmQ6Ammwe%2BmTzbPDNUq2EgPEi3G%2FpIoYgQTSmN7kZe8yJ%2FF9vXc55iKxg4gOPOe6PxfdNjIKyA6VjFgmcbGbfKp6VFjmu7s4FI4ofSFfU%2FqXeCq%2Ff730PJiGoPcHG54qx7cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6de13e09dc245ca4-FRA
expires: Fri, 10 Feb 2023 09:52:36 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.shytobuy.de/assets/js/ 87 KB
32 KB 31ms
26ms Script
application/x-javascript 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 188
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"15d84-5faba8c6-4ac9225e1a348e1b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BkQIPsv1xo3Zjfab7v3LQp0K8Fpm%2BxmIDbiRacPIqtv1Hp8N5JFPB7tHitDPA4btaUgHqlSjO2tlssGJQJTk%2FdAsMRTY1nOUZhbJxS9O2uurqHYiT%2BoQkEWrcb2wdqSHo52E3T42p8mJPCdCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6de13e09dc2a5ca4-FRA
expires: Wed, 15 Feb 2023 20:18:16 GMT

GET
H2 200 flags.png
www.shytobuy.de/assets/shytobuy/images/ 4 KB
4 KB 35ms
34ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/images/flags.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/shytobuy/css/main.css?ver=4.46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7761ecae0ef9c0b4284031d67cc18d1ab97a4283df43661e62f398d07557a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/assets/shytobuy/css/main.css?ver=4.46
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515098
cf-polished: origFmt=png, origSize=4279
content-disposition: inline; filename="flags.webp"
vary: Accept
content-length: 3916
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "10b7-5faba8d0-16c8bb9295c563f;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFT7GcsHxWsVSq7wmdnWgsHe5%2BBr8fsnTReyksuZ6n%2BW4eZdxe0aBTMXfFhCoedtbN4ALFmB0%2Bh1YRz%2FZNsTRj%2FdbqyHps470CwPJqRlZsWZaIIh2AVl8uIsOjIm8Rke87rh6fRDO5XahHZjQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 09 Feb 2023 21:16:26 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a1caa5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 sprit.png
www.shytobuy.de/assets/shytobuy/images/ 44 KB
45 KB 26ms
25ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/images/sprit.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/shytobuy/css/main.css?ver=4.46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1774e334b6354d5cf7d2efb580cdeb8dff01fd83a1d1310402e9ec8fa18f3a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/assets/shytobuy/css/main.css?ver=4.46
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2505086
cf-polished: origFmt=png, origSize=128060
content-disposition: inline; filename="sprit.webp"
vary: Accept
content-length: 45092
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 10:35:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1f43c-605c677f-967fc8f498f4a44f;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niQG8iR9rPryyJpicZaqlddgX%2BF7SgweqfdrTksd8gb6JcSo8zVLsXWxEugkshmXBWJstgGf5z1HL9b4OONlc9eXQZdPeug%2BELl49s8jgHkyRq0EiGjTHGWsT818bKttUDw8Jb4a1qHhdZgQgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 17 Jan 2023 20:29:58 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a1cb25ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 shyde-service-banner-home-new.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/ 52 KB
53 KB 23ms
22ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/shyde-service-banner-home-new.jpg?v=1

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c0dee2fbfe7831d39b96163855b9d469d42e919c193172390804cb5336c10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128664
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 53717
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:27:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d1d5-61531829-9b018264c56d7b6a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5yDDLLpFh04umCQ9noLLYqfwdMMLF17s532N%2BoWCB2HMASiK4TYb8LyWmfuHdD36ReBlNl7qCKMhZLLyRBnwY0boujV2bkMpwhJoTRuzEj24DEcziH2gR%2FUJ4KrIOFHMcxtGi0GUVi2zKxu8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:37:00 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a7da05ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 shyde-viaman-home-page-banner1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/ 46 KB
47 KB 55ms
55ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/shyde-viaman-home-page-banner1.jpg?v=1

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294da8ae576ea40d68f310dd03327328ce475842bcb15d80e58277101105366a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 561937
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 47346
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:27:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b8f2-61531825-cfd0b5ffc2beefcd;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quiRAOGXY1vc7Baw3pzaXvMX8gm6gBGioANjZsQ3en6omnQ8r1Xh91Pc6YyPLCHX2WVt4st%2F6lDrwgB3fkpx35EUpnIVgUSPqHZv%2FzT5Z8tC4PeiINQMfKxE1qyoDNCrG1bc0QG3YYAGcbvIGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 09 Feb 2023 08:15:47 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a7da85ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 viaher-de-home-page-banner.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/ 64 KB
65 KB 23ms
23ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/home_banner/viaher-de-home-page-banner.jpg?v=1

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

738c53f4e44a779f7b83e4903542d03ac6d2835db69710c3a26e1afdd4c06778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128664
cf-polished: origSize=71914, status=webp_bigger
vary: Accept-Encoding
content-length: 65636
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 12:10:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "118ea-615d9222-7c92f8a1686fdacd;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGIlk9uURERX9Tq0xZbcaf5QgMi64xxuOkRs8yeCCJ9RZQ%2B9Af7sNnXEXSh78MSOXALD1n49VcDxatmGZRG5EHDc04kTRiLiaxyToHVQTrifJ8KPIVRk8c8svg3KC086DZ0fWU6DonXuoEjgzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:37:00 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a7dab5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 emuaid-blue.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 13 KB
14 KB 27ms
25ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/emuaid-blue.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b5626c7b0857b3541aac4737d38b4ad92b9615b91f46af12479d5048c5e4cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130414
cf-polished: origSize=14997, status=webp_bigger
vary: Accept-Encoding
content-length: 13612
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Nov 2021 11:18:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3a95-61826ff1-58e99d82f08e41ff;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Mvb3m7H9YWA8Lzhp9%2BUMMdQFkGhFb0G0TzmQRFp2wfboKtBomkgUx6mW3mpuUSyY92K6IiPWLbXRnwehp9o01YqvqZh2zu7LXHs8%2B8BWIY2uun6kVP8uSr0n42VVuEnqBOrnkB2HzJEdKJfeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:07:50 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dce5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 emuaid-red.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 14 KB
15 KB 43ms
42ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/emuaid-red.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822eefd63c78db9f4e0b497609e1fff82a64b2acb42fc5c11b084c5b14822812

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 893312
cf-polished: origSize=16252, status=webp_bigger
vary: Accept-Encoding
content-length: 14794
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Nov 2021 10:56:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3f7c-61826ae1-9aa3f9fcdf80d088;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdfvue9R0yJOHuJVr44L4fwBd7EAlQiSS9Di%2FBU8WGvTdLUnnHPGgTvjYe9p997xq0ocEoiOZxteN8YyqzU%2FKORUmPRiyQABWRtwCASUUJ9rOqG6L7e%2F9XKbmr4YLIDjhn2SKXuoTA2t4ni7kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sun, 05 Feb 2023 12:12:52 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dd05ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 selenium.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 15 KB
15 KB 69ms
68ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/selenium.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c5f02c91a7758e1e35a7c701346957ad13875a52d6041ca1b39a9c1329d291

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: origSize=16733, status=webp_bigger
vary: Accept-Encoding
content-length: 15336
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Sep 2021 06:09:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "415d-6149771c-5d684734f66f4930;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQk3LQgGWsOLEQr63TIk2kxfqsOxgq2eFnDYISzd8tc8PEBywmpgOu2g%2FTs6Fy8oyr7MB3%2Beo3wdYXc7rWjrCttaavbN4JC%2FV5Mj0GL97omFHi59iDWhwSDI2sRuecg%2B5VoKO8mi%2BtTOE8VO0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dd15ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 foligain-biotin-conditioner.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 9 KB
9 KB 29ms
28ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/foligain-biotin-conditioner.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9003cc2be93c9d9905c8f5279b5c3a0fc1bb6a2c64c04ef5a7218aa8f15cf94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: origSize=10435, status=webp_bigger
vary: Accept-Encoding
content-length: 8940
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 11:15:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "28c3-61013c47-9340acb0e36f4ac4;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCbNvI1jjUSo%2BbtI6iw3PcNN9lkfPbJiO3ytEwHtWQ%2F2%2BjAIJZjZKCJfONJXVXee8WdkHshX%2FV%2BfEQfKy53llnMDOLJ3j5ujXgXkQR%2BcbLHpQqRnK70t6A8eY04aGe6%2BH%2FAzBMrw%2BM8vA%2B0bCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dd45ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cranberry-with-vitamin-c.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 16 KB
16 KB 48ms
47ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/cranberry-with-vitamin-c.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

669af987b4d05885604acdedc4dfd7eae5222007c61dbcd821266dd2d8c2bd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: origSize=17882, status=webp_bigger
vary: Accept-Encoding
content-length: 16103
x-xss-protection: 1; mode=block
last-modified: Tue, 11 May 2021 10:13:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "45da-609a58ce-c12bdd1314587b9e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl1b6Vmx6hjc2%2Bpm5Z4Kw16nNhKHfGvnOoBbAufrpmZgJPpMMoM%2BjIcHHs5P2mtIVX%2BC1JeLTGjHJ7p3MHqM7VbvQ7feR%2BV4XGym8yZlxfS4PqSqta2Aklw9cwW2pFzTHd6qnwNLR8t0PXEWGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dd65ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 mysmile-toothpaste-toothbrush-kit-box-1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 7 KB
7 KB 28ms
27ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/mysmile-toothpaste-toothbrush-kit-box-1.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38ebe1604a541ddcd3fab222ee4f70d323ae7e6eb10d3447922e072f1af1930c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842165
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 6906
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1afa-615317cd-a0b8c0f25600eb86;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=061RoxC%2FXlc0zhktz0xvNws3txb6sEz%2Fo8Pnc%2BXpdVUDMWiLMAOhlbejwhuxHGw%2FuFf%2BbECJzrUFteSXuRjhUoJ1UWCNIJBUy0ewKwCTM9%2BwDovx3wmzli1vLs6kSYWi02UKgZtg%2BGJlUfFZVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 12:38:39 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dd75ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 viaman-tboost-1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 9 KB
9 KB 29ms
28ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/viaman-tboost-1.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb59f433f8191a7af6ecc0509c79c6b6929387fee15723d9ee382822b49e789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505914
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 8920
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "22d8-615317c8-2e963c2ec20283d8;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JULgvauh5zbhwXzCfZUmcsKDDyNoyNVOup5%2Bo4oDJFGicwSF6p0H7bh2aFv%2B2jy1vO8xdXwIOwpmlJoX%2BPfgH9P9AO1U3iWNys2QJUf2jas2kMHvtTxRq8ryJFtVGji1szExT%2FsnphN7IfQRzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 09 Feb 2023 23:49:30 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dd85ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 biotin-complex-1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 9 KB
10 KB 46ms
46ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/biotin-complex-1.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22806d064064501e4e2667281f506301657a3e565188fbfbfbf3fa671a77c703

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130414
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 9454
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "24ee-615317ca-cccd65e4b6c42415;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KubAbE%2BAAidmMkOdwVkyE4l9P7q5IjyqFcH4VFQFGYv58aTLgbC3LfaXczhziCbjnZErlLQMchb%2FKhgib2dI2t1Rjd89ODOea3ZnG3bRmTxoHGT65KPQKw4v95XQWJ3oN%2BInd1CCunuqDX6BmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 08:07:50 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dda5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 viaher-pro-front.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 16 KB
16 KB 42ms
42ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/viaher-pro-front.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1dfec2f062c14bd3d13b33434953aa3331f2b17720ee149bcdf7afb677275c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1704272
cf-polished: origSize=17836, status=webp_bigger
vary: Accept-Encoding
content-length: 16383
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 11:39:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "45ac-615d8adb-b0193ec4fdb4c161;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCHSfh6Ni40tXx%2FO0T7rTSDNIXsBlv91VrUOCvTx8%2BLQ3kMkxvSX6YbmvayWBL7uaTN5gi634TMxi8hl4ewIvajw29SmChM9YvIky2BVdPamugimLRHmZtoy9QBHM0UEoxfNM2YslV0foYa3KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Fri, 27 Jan 2023 02:56:52 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9de35ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 viaman-delay-40ml-spray.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 4 KB
5 KB 42ms
41ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/viaman-delay-40ml-spray.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89afeb7ea7fb1e53b0a2fb1a6cbf27e442077c274df71d5b4c9192128e53eae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860276
cf-polished: origSize=4367, status=webp_bigger
vary: Accept-Encoding
content-length: 4343
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "110f-615317cb-6dc91e7ef324125b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tL%2FD8%2FpdDACAK3dUanjkPWorgYMd%2Bi6bEbjMY7pNu1zLOQ4coNK3jjAKQwYhyr3P3dZyp4P7yxXM8bsEdXsUqZ%2B7wqsgOBND4H6eXVt9FZI3rfyiZyUoLRnX1DxAMpD57f7lXFaB4%2FXMnFXRAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 07:36:48 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9de55ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 maxsize-1-new.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 8 KB
9 KB 38ms
37ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/maxsize-1-new.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ebab84fbd212f2516b8297ad0907b739c15ace52b98e2f933b570e58e0ad014

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860276
cf-polished: origSize=8194, status=webp_bigger
vary: Accept-Encoding
content-length: 8191
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2002-615317cd-c49fdf3ff2c839ce;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIatJjRU9yYmyX%2B2ok0FcjmGtQYdVAl4kKV0U86d9ka5EfkHbNMSxFkhy7stl%2FFpxpci1txLEOfn1dmCXvBGzh2ut%2FDL4bcvll15SSoiqSTi%2BRkoQJbpxzNRClfostbj6pp95miqc9Bx8w7mmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 07:36:48 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9de65ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 gmax-x10.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 14 KB
15 KB 41ms
40ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/gmax-x10.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a067c16d02d54a9863ede9d374b25db42133d86f84af9425f632b2b0d1b7f857

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2336880
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 14572
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "38ec-615317cb-22cfa8d9021c998;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BI6oC5mYXu2mcqoiptuU0p3z2nY51lUHHpnrSXmDEl0e%2FM%2BvBrAEWggL%2BN4tndd5ohRJAKxqqpSPa8U0jMEGKc2P3UHilQdRr8BphkzD1FvqjyHIEBHguG3C%2F162mOQPSr20G51j9wCVPGSWgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 19 Jan 2023 19:13:24 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9de85ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 total-curve-1.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 11 KB
11 KB 37ms
36ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/total-curve-1.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05d3dd11907d6987061092439eee7831debc60fc9528c1079b523cfcff3a3697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143339
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 11005
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Aug 2020 08:28:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2afd-5f31053d-78e815f9c28cc707;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RgrgLc8U1FdUj3iLI%2F9X%2Fv3khcUuOOfv%2BzWPAc6DirWFWhGtOdjdQdAp4Qq%2FHMkjRoxpoNu%2BZacVRgOgOMyOl8%2B0%2FgD66UEk5VmbeZ59ncf9ke69O4LW5ocfxI5pMRax9O%2F9nv%2FlbehKQYAKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 14 Feb 2023 04:32:25 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9de95ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 star-white-1-new.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 9 KB
9 KB 39ms
39ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/star-white-1-new.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08d6d954f1493cb4d94046e867734d818ab9f1372ddd71524beb0bfbfdc2eab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860315
cf-polished: origSize=9130, status=webp_bigger
vary: Accept-Encoding
content-length: 9116
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "23aa-615317c7-1c885cf4e202bcdb;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RxWXY8kA8wQDkyu4kgfpdUW5DttOgfcgdiBBMyc68fHb2r7ezWt0G3tKK1iTjD8EM53Plarx55jfLURjhBEllBGxu9YwD8gqIaEnMhIObRBI7eVO5i4gtY1YQFf%2Bru9cKS%2B5nfu0VanJ%2F4soQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 25 Jan 2023 07:36:09 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dea5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 her-solution-gel-2.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 6 KB
7 KB 44ms
43ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/her-solution-gel-2.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00ce40696e8b22c4739763c8255f6682f60a52eee5298ecc69077fbb870bc02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3424022
cf-polished: origSize=7787, status=webp_bigger
vary: Accept-Encoding
content-length: 6639
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Aug 2020 08:28:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1e6b-5f31053b-97bcda0dc0cafbff;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcMnpqObTeDZr%2BjqTMI%2FsWGjrddmohWlECV3hx7zlaaJFbYf3A4nFkEyeJXkWtT9WS5LEpfc8iAvQgkRmdFatyi6wPN2bwDwlJ3ep1oKVs%2Bwwbnu0oABRwAZsuzrnCKm1yqWpR7NxkovS3CnAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 07 Jan 2023 05:14:22 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9dee5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 sunglow-new.jpg
www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/ 6 KB
6 KB 39ms
39ms Image
image/jpeg 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/shytobuy.de/images/product/homepage/sunglow-new.jpg

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d216c956bfd615c0a3967ae62b40fb90efaeaef453b48c135544a7dfb852639

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 536886
cf-polished: origSize=6180, status=webp_bigger
vary: Accept-Encoding
content-length: 6168
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Sep 2021 13:25:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1824-615317c8-79b21b923a484e62;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Epn8J2y0TqIc5NBe6Kf3bhbdecYjSl7prUp2%2FVHPl5JCOHOv9MOmlGKkmz6nyJbNve06QaXKukKM4EO1q44r71ROXDfpksGO6EgUZ3USFwSOMNOnZfQEv17TCdydONRuy2GCC76xNVozK9Gsvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 09 Feb 2023 15:13:18 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0a9def5ca4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 153ms
66ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=renderBadge

Requested by

Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b30530916ccf927a18418e8bd6494297c7a0c9453a7cb0dfacb27af678404e8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CLtKFoDaGJR8PH/eho6MLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "48375760783eb8455e12f504a7bd8793"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-CLtKFoDaGJR8PH/eho6MLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 15 Feb 2022 20:21:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: d1Fi/kKrNT2JDpnyaPR6BwBzTJwnuFP0QQD25e/3sd/eqIK9lPQDie5myfP/hKJXbdVydo1Evqoy2+FZdDQj3A==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 15 Feb 2022 20:21:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
79 KB 164ms
78ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PTZB7F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a1a3e49bc815f977b93a77092ab60ebbf9fc1f4211ba3de1c6743df2414844e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80644
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 19:42:20 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Feb 2022 20:21:24 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 64ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:23 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 585F16AD94A142FA8474CCE85BC612B5 Ref B: FRAEDGE1317 Ref C: 2022-02-15T20:21:24Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 watermark-shy.png
www.shytobuy.de/assets/shytobuy/images/ 6 KB
6 KB 21ms
20ms Image
image/webp 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shytobuy.de/assets/shytobuy/images/watermark-shy.png

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/shytobuy/css/homePage.css?v=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55a912533cc280a578a7fa996813bef27bde0c2329e90e4fa1d3cdf5a5d5cb37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/assets/shytobuy/css/homePage.css?v=256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1118991
cf-polished: origFmt=png, origSize=6925
content-disposition: inline; filename="watermark-shy.webp"
vary: Accept
content-length: 5700
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 09:03:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1b0d-5faba8d3-4744dab82dbd685b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZfmSV1mNIjylr3JqqdeSD4R8gXgVrVCmAhZv7Om7CqmMtuRyCi6UnQzmrdm8JrkAhSzFnyvIG4va6BRRRkiYCLv1EtamL6mitnjjm9CrdL72Uen8ktf4uBfDUEhwQh7SpLj%2BOeDTtdnlgFOlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 02 Feb 2023 21:31:33 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6de13e0b2ef65ca4-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 getcartitems Show response
www.shytobuy.de/ajax/ 222 B
1 KB 164ms
164ms XHR
application/json 2606:4700:3108::ac42:28fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shytobuy.de/ajax/getcartitems

Requested by

Host: www.shytobuy.de
URL: https://www.shytobuy.de/assets/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.13

Resource Hash

ab8a11309ffd46e531d60995770782bedee1a65518af4faf1151030122e90be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.13
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNUSy6wj%2FEqwwcxiv8bc21yJTyFgJjitwyPlJVEJfo5tMMUWGgBmEMOEX7rvwzOCrxAkc20ZakJBr1XrBEPMWismQaxPQR4fdXlaAyAsA%2Br1HZgkTL%2BjLxs8Wkk5QHHm1G3jIdTSWfi5uLAsrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, no-cache, private
x-turbo-charged-by: LiteSpeed
cf-ray: 6de13e0b2eff5ca4-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 373738830563787 Show response
connect.facebook.net/signals/config/ 309 KB
88 KB 97ms
96ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/373738830563787?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c48ad5069d380e82f13e6bf81da4add134a36dc33ec6a5b5fe9be989646565e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: n/tJwxMWwuY5YtokFGLI7MJENbqpPwNEmzKhRjJXwun+6EuoXhFq3FQJaUDRZTWCxq/L6apZvhrTWxJCp8YjoA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 15 Feb 2022 20:21:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 4012934.js Show response
bat.bing.com/p/action/ 0
116 B 183ms
182ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4012934.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 20:21:24 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC2BF3CBAA474C87835EA041BB35B005 Ref B: FRAEDGE1317 Ref C: 2022-02-15T20:21:24Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4012934&Ver=2&mid=04bd8b0f-6df0-4e36-81b5-ef0a8e64589b&sid=d8ba3e708e9c11ec84e8dbbb8d7ddcf0&vid=d8ba5fb08e9c11ec904303f71038d312&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&kw=Gewichtsabnahme,%20schlank%20werden,%20Di%C3%A4tpillen,%20Tabletten,%20abnehmen,%20Tee,%20schlank&p=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&r=https%3A%2F%2Flookandfind.me%2F&lt=505&evt=pageLoad&msclkid=N&sv=1&rn=273049
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D77A85C9A6E94B508176609E3FF8450C Ref B: FRAEDGE1317 Ref C: 2022-02-15T20:21:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4012945.js Show response
bat.bing.com/p/action/ 0
92 B 351ms
350ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4012945.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 20:21:24 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22B76E3A2308477195B3770AE0439CBC Ref B: FRAEDGE1317 Ref C: 2022-02-15T20:21:24Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
95 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4012945&Ver=2&mid=f220707d-bb7c-4626-b9be-cc6a32021e40&sid=d8ba3e708e9c11ec84e8dbbb8d7ddcf0&vid=d8ba5fb08e9c11ec904303f71038d312&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&kw=Gewichtsabnahme,%20schlank%20werden,%20Di%C3%A4tpillen,%20Tabletten,%20abnehmen,%20Tee,%20schlank&p=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&r=https%3A%2F%2Flookandfind.me%2F&lt=505&evt=pageLoad&msclkid=N&sv=1&rn=859875
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A75733BDCB54DC0949A6384CB260866 Ref B: FRAEDGE1317 Ref C: 2022-02-15T20:21:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 158 KB
54 KB 85ms
38ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=renderBadge

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7ad140802eb6e6fb96675047158c61737ca0e761b0691d8c331daa3516fa00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55330
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 03:46:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=373738830563787&ev=PageView&dl=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1644956484530&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644956484525.449869641&it=1644956484359&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 15 Feb 2022 20:21:24 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 86 KB
34 KB 163ms
77ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-M9ZS27G

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTZB7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

708c868bcc062f5dd44c03649a5c79495980e8713cd9caef76d01523a539a4b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34692
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 19:42:20 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Feb 2022 20:21:24 GMT

GET
H2 200 hotjar-411938.js Show response
static.hotjar.com/c/ 4 KB
2 KB 67ms
49ms Script
application/javascript 65.9.63.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-411938.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTZB7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-63-46.fra56.r.cloudfront.net

Software

Resource Hash

adb16943d5be698f5f8b788a4e2e1e1deab4a9ca6d1b5433a2a364df4d705c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache-hit: 1
etag: W/8c11cd3ac66ccabe0254f28b617e477d
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1915
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-id: hQ2zCUfF3IBScpEhzx4lxM5LK3jiAM95MvhQRklZCzu8N-iuB4Iwsw==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 136ms
51ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTZB7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 20:21:24 GMT

GET
H2 200 22721.js Show response
www.dwin1.com/ 30 KB
8 KB 49ms
12ms Script
application/javascript 2600:9000:214f:4400:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/22721.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTZB7F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4216f3475fd83cc9e41ec6a4b2d34896f4af37229e172a6f7f6b31b60ba6e6b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: aEjnFGC8bHOIHj0XToEXl6OGHabnFHmm
content-encoding: gzip
etag: W/"fbcd6b26e170076eed873966f29a32a1"
age: 329
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Mon, 14 Feb 2022 14:48:16 GMT
server: AmazonS3
date: Tue, 15 Feb 2022 20:21:24 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: QyLmyQrRZ3_DB5H2b2HAWgS9LcmJcE0-y8CyNZVO3GpaRwfwzcpikA==

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 76ms
47ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 14:01:38 GMT
server: cloudflare
age: 6929
etag: W/"609a8e42-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 6de13e0ced1f9165-FRA

GET
H2 200 XFD8DFB50F51602C92C6AED67455EE205.js Show response
widgets.trustedshops.com/js/ 15 KB
6 KB 105ms
59ms Script
text/javascript 65.9.63.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/js/XFD8DFB50F51602C92C6AED67455EE205.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c242573eaccc113e007227fc14d40a121be886fff3e77f26915329a414839a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:25 GMT
content-encoding: gzip
etag: W/"3e23d8f26fc877764b78c860cf013787"
last-modified: Tue, 11 Jan 2022 05:03:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: S1M657pEes4e5z1IDVzvy2-HYUfvB5lD-R2lRNFgo_2zROl-E362YA==

GET
H/1.1 200
OK goals_log.js Show response
www.e-healthexpress.co.uk/ 0
967 B 538ms
117ms Script
text/javascript 104.160.72.8
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL

https://www.e-healthexpress.co.uk/goals_log.js?p=8&u=a

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTZB7F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.160.72.8 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),

Reverse DNS

mta-2.e-healthexpress.co.uk

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 20:21:25 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: sameorigin
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
X-XSS-Protection: 1; mode=block
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Server-Timing: dtSInfo;desc="1"
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 114ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTZB7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2790
date: Tue, 15 Feb 2022 19:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Feb 2022 21:34:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 141 KB
53 KB 90ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1026341932

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTZB7F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1a3c2bc69e210a11ef46cce8324a809303ee3168a57dde6a20184429348f1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53861
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 19:42:20 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Feb 2022 20:21:24 GMT

GET
H2 200 badge Show response
www.google.com/shopping/customerreviews/ Frame 09AD 23 KB
9 KB 358ms
270ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=110097934&position=BOTTOM_LEFT&origin=https%3A%2F%2Fwww.shytobuy.de&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

732624687458ac7d243fbc2934392d2d1e58f7427c1ca434c902b9b68ad61233

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fvY8Fkar4wYnz1oLt6IEng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-fvY8Fkar4wYnz1oLt6IEng' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
expires: Tue, 15 Feb 2022 20:21:24 GMT
date: Tue, 15 Feb 2022 20:21:24 GMT
cache-control: private, max-age=900
content-security-policy: script-src 'report-sample' 'nonce-fvY8Fkar4wYnz1oLt6IEng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-fvY8Fkar4wYnz1oLt6IEng' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin; report-to="VerifiedReviewsBadgeUi"
report-to: {"group":"VerifiedReviewsBadgeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsBadgeUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK alt.php Show response
www.zenaps.com/ Frame E695 155 B
507 B 112ms
40ms Document
text/html 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zenaps.com/alt.php?mid=22721&sv=22721_1644956483_317857d8709d3807159cf6d2e222db70

Requested by

Host: www.dwin1.com
URL: https://www.dwin1.com/22721.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

f0053e6e6ae034d8cb0c251ec65299bf676850ed25c3614f0d4beb84241ebd87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/

Response headers

Content-Type: text/html
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 15 Feb 2022 20:21:24 GMT
Content-Length: 139
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200 d9core Show response
the.sciencebehindecommerce.com/ 11 KB
4 KB 161ms
33ms Script
application/javascript 52.214.94.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/d9core
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/22721.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.94.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-94-201.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 679a10f073febbcecb5ccf7026fa4cf24eac21858b63eeb40b4e882d583bf3eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 20:21:24 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: the.sciencebehindecommerce.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 3608

GET
H2 200 modules.855de5fca5328f4d913a.js Show response
script.hotjar.com/ 235 KB
62 KB 29ms
8ms Script
application/javascript 143.204.215.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.855de5fca5328f4d913a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-411938.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-79.fra53.r.cloudfront.net

Software

Resource Hash

23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 442878
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 62578
access-control-allow-origin: *
last-modified: Thu, 10 Feb 2022 17:19:42 GMT
etag: "6f96b4466f1ad2a1f9575d6ac84a137f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4tcEqG-H0oznKo3fC2Ik5CpnPUKQTsItqGD8GExLSAzlDwExhigu8g==

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 130ms
29ms XHR
text/plain 52.48.188.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5350fe6dabe53dd40c3db097&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=87&cE=107&dLE=87&dLS=59&fS=59&hS=93&rE=-1&rS=-1&reS=107&resS=359&resE=365&uEE=-1&uES=-1&dL=397&dI=415&dCLES=464&dCLEE=464&dC=504&lES=504&lEE=505&s=nt&title=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&path=https%3A%2F%2Fwww.shytobuy.de%2F&ref=https%3A%2F%2Flookandfind.me%2F&sId=q01r0akx&sST=1644956484&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/prum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.188.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-188-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 15 Feb 2022 20:21:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 3FA0 2 KB
1 KB 27ms
7ms Document
text/html 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-411938.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-65.fra53.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: wEqbdyi6O7YOXgcgiUc4sM22udTq7utMfx9lDTMoMsixlcHHPOowNA==
age: 991758

GET
H2 200 trustbadge.js Show response
widgets.trustedshops.com/assets/ 254 KB
71 KB 8ms
7ms Script
application/javascript 65.9.63.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/assets/trustbadge.js
Requested by: Host: widgets.trustedshops.com
URL: https://widgets.trustedshops.com/js/XFD8DFB50F51602C92C6AED67455EE205.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6d6514328ae2190342da41687544a458508323e3cc3dc462cfbdf5f11232496

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 19:40:52 GMT
content-encoding: gzip
etag: W/"50eeb095f5e1b8c56a5f1cd27e3c1165"
last-modified: Wed, 05 Jan 2022 13:34:24 GMT
server: AmazonS3
age: 2435
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Oo8ohGQtSDWSjKZ08r_gwuxgWQaSDkc5Ze1dKN3z4AYO-SVIJXhCNQ==

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 85ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 15 Feb 2022 21:19:38 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/980843944/ 3 KB
2 KB 140ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980843944/?random=1644956484726&cv=9&fst=1644956484726&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00e1651533a154157dfaae04f06b1b6755a2af90b9e726836e68940778a1030a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1135
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 141 KB
53 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-987756850&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1026341932

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecf2ed5da484815da1e21a73491cf5503dcf520c99500407166ec8541912489a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53878
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 19:42:20 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Feb 2022 20:21:24 GMT

GET
H2 200 trustmark_120x120.png
widgets.trustedshops.com/assets/images/ 8 KB
8 KB 7ms
7ms Image
image/png 65.9.63.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.trustedshops.com/assets/images/trustmark_120x120.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45414d90709f784fcb63afe7b2827e4ebe5ebd9b94841a05629395f3943bbc2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Feb 2022 20:15:43 GMT
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jan 2022 13:34:23 GMT
server: AmazonS3
age: 342
etag: "d85f5c61a2d1e39cf0301c6a0779fc61"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 8208
x-amz-cf-id: 2ArS_4REmonIss4k7v7qF0h7I6Wahv0rUgWvws_butT5ZotQntwyFA==

GET
H/1.1 200
OK 22721.gif
www.zenaps.com/m/ Frame E695 43 B
488 B 22ms
22ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/m/22721.gif

Requested by

Host: www.zenaps.com
URL: https://www.zenaps.com/alt.php?mid=22721&sv=22721_1644956483_317857d8709d3807159cf6d2e222db70

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zenaps.com/alt.php?mid=22721&sv=22721_1644956483_317857d8709d3807159cf6d2e222db70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 20:21:24 GMT
Allow: GET
ETag: 22721_1644956483_317857d8709d3807159cf6d2e222db70
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: max-age=0
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

POST
H/1.1 200 lgc Show response
the.sciencebehindecommerce.com/ 0
570 B 32ms
32ms XHR
text/plain 52.214.94.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/lgc
Requested by: Host: the.sciencebehindecommerce.com
URL: https://the.sciencebehindecommerce.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.94.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-94-201.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 15 Feb 2022 20:21:24 GMT
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://www.shytobuy.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1558169150&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&dr=https%3A%2F%2Flookandfind.me%2F&ul=en-us&de=UTF-8&dt=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Banner%20Viewed&_u=aGBAAEALQAAAAC~&jid=1402625007&gjid=491924004&cid=892784845.1644956485&tid=UA-23323245-1&_gid=1989015587.1644956485&_r=1&gtm=2wg290PTZB7F&cd1=other%3Bother%3Bother&cd6=https%3A%2F%2Flookandfind.me%2F&promo1id=204&promo1nm=shyde-trusted-shops&promo1cr=shyde-trusted-shops&promo1ps=1&promo2id=206&promo2nm=shyde-viaman&promo2cr=shyde-viaman&promo2ps=2&promo3id=146&promo3nm=shyde-viaher&promo3cr=shyde-viaher&promo3ps=3&z=260245086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shytobuy.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Ping
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.shytobuy.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 46ms
46ms Ping
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.shytobuy.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 46ms
46ms Ping
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.shytobuy.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23323245-1&cid=892784845.1644956485&jid=1961262246&gjid=2051019680&_gid=1989015587.1644956485&_u=aGDAiEALRAAAAG~&z=1860315584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Feb 2022 20:21:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.shytobuy.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1558169150&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&dr=https%3A%2F%2Flookandfind.me%2F&ul=en-us&de=UTF-8&dt=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25&el=percent&_u=aGDACEALRAAAAG~&jid=&gjid=&cid=892784845.1644956485&tid=UA-23323245-1&_gid=1989015587.1644956485&gtm=2wg290PTZB7F&cd1=Homepage%3B%3B&cd6=https%3A%2F%2Flookandfind.me%2F&z=1317324352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 21:24:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82597
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 97ms
49ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-987756850&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 20:21:24 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/980843944/ 42 B
548 B 89ms
88ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/980843944/?random=1644956484726&cv=9&fst=1644955200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&async=1&fmt=3&is_vtc=1&random=1112582132&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/980843944/ 42 B
548 B 137ms
54ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/980843944/?random=1644956484726&cv=9&fst=1644955200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&async=1&fmt=3&is_vtc=1&random=1112582132&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/411938/ 146 B
323 B 126ms
32ms XHR
application/json 52.213.204.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/411938/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.204.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-204-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 15 Feb 2022 20:21:25 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 411938 Show response
vc.hotjar.io/sessions/ 0
257 B 51ms
34ms XHR
text/plain 65.9.63.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/411938?s=0.25&r=0.05632297901654981
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-123.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:24 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: iyrIoxM2MBoe5yX_evXVnHIdyBmsiREjx2yTAlMq3N94SOGKL595bQ==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 39ms
18ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23323245-1&cid=892784845.1644956485&jid=1402625007&gjid=491924004&_gid=1989015587.1644956485&_u=aGBAAEAKQAAAAC~&z=2034877550

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Feb 2022 20:21:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.shytobuy.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 64ms
63ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23323245-1&cid=892784845.1644956485&jid=1961262246&_u=aGDAiEALRAAAAG~&z=974058589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 76ms
65ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23323245-1&cid=892784845.1644956485&jid=1961262246&_u=aGDAiEALRAAAAG~&z=974058589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 cspreport
www.google.com/_/VerifiedReviewsBadgeUi/ Frame 09AD 0
23 B 216ms
166ms Other
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/VerifiedReviewsBadgeUi/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-usRN5lb7/UL5eGAZVBA4pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'nonce-usRN5lb7/UL5eGAZVBA4pA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=110097934&position=BOTTOM_LEFT&origin=https%3A%2F%2Fwww.shytobuy.de&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:25 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="VerifiedReviewsBadgeUi"
x-frame-options: SAMEORIGIN
report-to: {"group":"VerifiedReviewsBadgeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsBadgeUi/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-usRN5lb7/UL5eGAZVBA4pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'nonce-usRN5lb7/UL5eGAZVBA4pA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/am=DQAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8... Frame 09AD 147 KB
52 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/am=DQAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQdMGYeLmNFZJ1C1ldByow0vH6IfA/m=_b,_tp

Requested by

Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=110097934&position=BOTTOM_LEFT&origin=https%3A%2F%2Fwww.shytobuy.de&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c963fc19c43c41cf98543471f377055d8ff535019605a4b27f388fb5fce5b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52728
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 06:07:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 16:38:12 GMT

GET
H2 200 gray_stars_large.png
www.gstatic.com/verifiedreviews/ Frame 09AD 943 B
1 KB 118ms
37ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/verifiedreviews/gray_stars_large.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4188121a6c9b28d029ebc07cd1db2f35e0657b4a2e825f901ed8b2b37bb327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:15:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 7563
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 943
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 18:15:22 GMT

GET
H2 200 orange_stars_large.png
www.gstatic.com/verifiedreviews/ Frame 09AD 945 B
1 KB 117ms
37ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/verifiedreviews/orange_stars_large.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8703732fc112fb61adbc3715a19ebc0944a5544c64ee314ade6140ec57ec644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:11:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 7803
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 945
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 18:11:22 GMT

GET
H2 200 gcr_logo_stacked.png
www.gstatic.com/verifiedreviews/de/ Frame 09AD 1 KB
1 KB 117ms
38ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/verifiedreviews/de/gcr_logo_stacked.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08ebafe68699cf8a86a9aa6c4a01b47531acc0f2c058b8fea52938e4f841ac56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 10:37:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 35053
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1445
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 10:37:12 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987756850/ 3 KB
1 KB 96ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987756850/?random=1644956485007&cv=9&fst=1644956485007&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3747e28922bb72c354f978cb9d333028a61f7d10818561130fa40efabff565b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1154
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 105ms
68ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23323245-1&cid=892784845.1644956485&jid=1402625007&_u=aGBAAEAKQAAAAC~&z=1592758389

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 63ms
62ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23323245-1&cid=892784845.1644956485&jid=1402625007&_u=aGBAAEAKQAAAAC~&z=1592758389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK content Show response
ws15.hotjar.com/api/v2/sites/411938/recordings/ 66 B
397 B 289ms
108ms XHR
application/json 52.30.171.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws15.hotjar.com/api/v2/sites/411938/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.171.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-171-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bf36fe9748d39270a8d78ca10a25bd8d58d32efa5af88141e64853f76a0c856f

Request headers

Referer: https://www.shytobuy.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Tue, 15 Feb 2022 20:21:25 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 97CC 0
17 B 16ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.shytobuy.de
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.shytobuy.de
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Tue, 15 Feb 2022 20:21:25 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/987756850/ 42 B
64 B 94ms
94ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987756850/?random=1644956485007&cv=9&fst=1644955200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&async=1&fmt=3&is_vtc=1&random=4169500856&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/987756850/ 42 B
64 B 100ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987756850/?random=1644956485007&cv=9&fst=1644955200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.shytobuy.de%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliates%26awc%3D22721_1644956483_317857d8709d3807159cf6d2e222db70&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Pers%C3%B6nliche%20Pflege%20f%C3%BCr%20M%C3%A4nner%20und%20Frauen%20%7C%20ShytoBuy.de&async=1&fmt=3&is_vtc=1&random=4169500856&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 20:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clk.min.js Show response
analytics.webgains.io/ 49 KB
50 KB 121ms
21ms Script
application/javascript 18.66.2.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/clk.min.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yFh%2BqcVmdOZbl12%2BLUq3k5bKZ0Cm72unmn5VMh80Fg5H7RxE9NiAbDXPSyOz7vsvJPpLIsZJdLIcEP29CkbeqItywV96A5lnz8ovn2Vzm7OomwT1beLSXn%2FtLPT5ciGcYw2iShGdZvdn1JMjWv38g%2Fo%2FPqBVxWV5igUcE3eoiGu1kVmKiKHBdRpjMUaqauqrd0mjnjUijxTeFbdqwfztX9hll1F2oTz8ewMg7K0Zpz33%2BNkSQAL5mMxZZLsxyydbQ3KJBZ9Rif%2BEicf1Ea12%2BbDm6KWeSse3i9eh5douTGRRUfD1J0ztkqVAxiUzImoLoNyZJKgkYE%2FNGO0vTCqZntjExEvZZKR2VoKIN3%2FN97yl%2B2fhlYKt2sCYCtRsVtJqP2z7uA0bvIIhPmcWEHUTIxjgAzOS%2BT2V4%2B9Y4P%2B0E2DJ%2FQpYtJZPGKbxqkF5hrUW5Suxc8wR5BRknJPjdsi0f%2ByXdJPO3bpvEvfat1v%2B7R%2FCObrzD7r47AUVdwWbDJgKwegTTFp%2BS7tzCrOxCw0WByy6riBpEho1J%2BPuLta7KuM5lQzZ%2FJZ2ZGYM%2BQJwVClAmtVal6gHmzOpaSg7sR0UyQkmdzmlksKf3QPRI7qEoS8kMcXTh5ilsOc6Kpg34DpGewtJ0MKnkbvWOO1ZKm2bbAORgpNezkIt7arGJX5GQs%2Fzxa5EnMpWvFfkXQRR27q6Jp%2FPf%2BoMtgdl3bKqoItfZLYW2ogzgDUA3wOTE7Jq6lDfua8S6o5uaLlt7Xosoj2E9g%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-114.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 792896dda6d79152abb4b11426e41d15fa2bdd54849d9449c67e29a0b2c68fc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shytobuy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: aMwdpH7KKz4iz0FbBe5xK_jljCtnVuqq
via: 1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 71389
etag: "436277d4aeaa4d23b185d1595676ae1b"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 15 Feb 2022 00:31:37 GMT
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 50514
x-amz-cf-id: z9hkOiMReV18_oCUEOvmOAKPiXEF2meanaHJB-C6ThJb_n5xXjio0Q==

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoIt... Frame 09AD 36 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoItS8J90.L.B1.O/am=DQAE/d=1/exm=_b,_tp/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTyGleXU4hJzU50jxe_yiwrtDHZBg/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/am=DQAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQdMGYeLmNFZJ1C1ldByow0vH6IfA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b031478d05264d35d94da26b528ae52e4bae24d22cade1a36ec0e7bb6495e316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13479
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 06:08:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 16:38:15 GMT

GET
H3 200 m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoIt... Frame 09AD 59 KB
20 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoItS8J90.L.B1.O/am=DQAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTyGleXU4hJzU50jxe_yiwrtDHZBg/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/am=DQAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQdMGYeLmNFZJ1C1ldByow0vH6IfA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f3d0f1bd407e480ceda25f458cf48e4c7c1fa1b142ad144c0162451ff6d5273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20952
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 06:08:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 16:38:15 GMT

GET
H3 200 api.js Show response
apis.google.com/js/ Frame 09AD 13 KB
5 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoItS8J90.L.B1.O/am=DQAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTyGleXU4hJzU50jxe_yiwrtDHZBg/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbf357982012377de5ebb791e829d92484c3c08d0deea53868c9d76e686d6f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Oab1DnzrifvCkI14EbHfXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: "4b7584baa987d04e0217e4af14b7f889"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Oab1DnzrifvCkI14EbHfXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 15 Feb 2022 20:21:25 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ Frame 09AD 128 KB
42 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8a11b37a521bf7071c39e814c8d4e25ad40cfcbce0456342b8eebba53b4b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43054
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:16:20 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoIt... Frame 09AD 28 KB
12 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoItS8J90.L.B1.O/am=DQAE/d=1/exm=IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,_b,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTyGleXU4hJzU50jxe_yiwrtDHZBg/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/am=DQAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQdMGYeLmNFZJ1C1ldByow0vH6IfA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd607b6479907fdd10df29e877a9073015e39cb851cb294da947af07a8e8e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11756
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 06:08:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 16:38:16 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoIt... Frame 09AD 5 KB
2 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.mfzoItS8J90.L.B1.O/am=DQAE/d=1/exm=FCpbqb,IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,WhJNk,Wt6vjf,_b,_tp,byfTOb,gychg,hc6Ubd,hhhU8,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTyGleXU4hJzU50jxe_yiwrtDHZBg/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/am=DQAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQdMGYeLmNFZJ1C1ldByow0vH6IfA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2071a90300d2f2738d920d9ad86ca406f8b660b03321a26709d4521f378ff2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2166
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 06:08:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 16:38:16 GMT

POST
H2 200 log Show response
play.google.com/ Frame 09AD 131 B
671 B 144ms
48ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.c4chq9qoNWM.es5.O/am=DQAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQdMGYeLmNFZJ1C1ldByow0vH6IfA/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 15 Feb 2022 20:21:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 15 Feb 2022 20:21:25 GMT

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
praamountplus.com/	1970-01-23 16:31:56	Name: __tad Value: 1644956480.4034251
.1redirc.com/	1970-01-20 09:41:32	Name: __dsnsid Value: 2022021607212186af4c5044eb4fbad5
clever-redirect.com/	1970-01-20 00:57:22	Name: 4240c6f1199c2ddab78958dab29c0f5e Value: 6eb0407faf5bdc7a215440a9ec41f6def764ea66e08b09cb6b29bd7067da8af1a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%224240c6f1199c2ddab78958dab29c0f5e%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
lookandfind.me/	1970-01-20 00:57:22	Name: 6cc929716b165914279df6f848623437 Value: 08f5b475e00b79bb97ae7bcea96f77b5f78b1bd6b6124235235c448ae1d70cb0a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%226cc929716b165914279df6f848623437%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.awin1.com/	1970-01-20 01:39:08	Name: aw22721 Value: 926315\|0\|0\|1644956483\|42ebee57a89e34631d65c6767b76d539\|aw\|0
.awin1.com/	1970-01-20 09:41:32	Name: bId Value: HLEX_620c0b438f0b58.08070981
www.shytobuy.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 007c3c4ef57827df1892a3e28357592c
.bing.com/	1970-01-20 10:17:32	Name: MUID Value: 3B1025048338667630EE344882EA6733
.shytobuy.de/	1970-01-20 00:57:22	Name: _uetsid Value: d8ba3e708e9c11ec84e8dbbb8d7ddcf0
.shytobuy.de/	1970-01-20 10:17:32	Name: _uetvid Value: d8ba5fb08e9c11ec904303f71038d312
.google.com/	1970-01-20 05:19:27	Name: NID Value: 511=jGNGLSTBV2BL-nbuelqifcw20lEnGuxeyTqB7B6V6W4W-l5MckkMYGdT8NF8etVaGnGIIVBmd4LbEHl4EjPgHbYNO8bZNLDYfpbbv09wVshSM0VMQyJEDr2yNqmsEsoN7XZKBmswWZ1nq7nWB0tmbB8kwQWJ_GP8UTuocNF5Rf8
www.shytobuy.de/	1970-01-20 00:56:07	Name: XSRF-TOKEN Value: eyJpdiI6ImNSTnlDU3RDNmZTaTBNMlZZYmtkOVE9PSIsInZhbHVlIjoiYWNkK2pveWlFVVRBNG9OWExuNHBXYkgrTTFNZGpiNTF2RmUydElYUzhmR0sraWYxbUNxeHFRWVhVQXJQR2dMQlpTNkdneWFMU3hONW9FOVdcL1dXbzJKYWE2dkRKVnBoc2dSU3Y1TGMzTXV1OUtVTGIwVXB2QWVBNEI3YzhkRWtGIiwibWFjIjoiYjAzY2ZjMDZkMDk1ODE0ZDhkNWUzOGRlNjY4ZDFhMGMxZGU2MDI3NWNlNGZkMWZmNmFlNjQyYmQxOWRmZGYwZCJ9
www.shytobuy.de/	1970-01-20 00:56:07	Name: laravel_session Value: eyJpdiI6Ijl6dXlIU09UbUtXSlVZSmR5S0NSOWc9PSIsInZhbHVlIjoibjNRb0JISml6Q1YxMnVDMFY5aU1NQXpPYWJmbTlpaHA4RStRMGdPWWgxTHVEdEFBSWJqM1V5R3hLOFoyTGtFUHZhU04xaHdNXC9JUUJodE9uSDJyMVVSYTN3OEhxQlpzR01GOXVONGFSSUpkOEtMMm9BMWpUK0oydDFYVzU4dHhaIiwibWFjIjoiNTg4NzdhN2VjNGQ5YzQ5YWY0NjI1MjVhOWEzMzFhZjBlMDY2Yjg0MGIwYWNhNWQxMGE3NDYyNjU5NmQyZTRhMyJ9
.shytobuy.de/	1970-01-20 03:05:32	Name: _fbp Value: fb.1.1644956484525.449869641
.shytobuy.de/	1970-01-20 03:05:32	Name: _gcl_au Value: 1.1.2082567767.1644956485
.shytobuy.de/	1970-01-20 09:41:32	Name: _aw_m_22721 Value: 22721_1644956483_317857d8709d3807159cf6d2e222db70
.shytobuy.de/	1970-01-20 18:27:08	Name: _ga Value: GA1.2.892784845.1644956485
.shytobuy.de/	1970-01-20 00:57:22	Name: _gid Value: GA1.2.1989015587.1644956485
.shytobuy.de/	1970-01-20 00:55:56	Name: _gat_UA-23323245-1 Value: 1
.shytobuy.de/	1970-01-20 00:55:56	Name: _dc_gtm_UA-23323245-1 Value: 1
.sciencebehindecommerce.com/	1970-01-20 09:41:32	Name: _D9J Value: 1e613a4ea1b74351850debeb699f4d53
.shytobuy.de/	1970-01-20 09:41:32	Name: _hjSessionUser_411938 Value: eyJpZCI6ImRhZWM5ZTViLWY4ZGYtNTllOS04NDM2LTU0MjViODIxODQ2NiIsImNyZWF0ZWQiOjE2NDQ5NTY0ODQ2OTksImV4aXN0aW5nIjpmYWxzZX0=
.shytobuy.de/	1970-01-20 00:55:58	Name: _hjFirstSeen Value: 1
www.shytobuy.de/	1970-01-20 00:55:56	Name: _hjIncludedInSessionSample Value: 1
.shytobuy.de/	1970-01-20 00:55:58	Name: _hjSession_411938 Value: eyJpZCI6IjhjNWIzNjQ0LTk3NTUtNDk1Yy1iNDAwLTZkNzZjYjNmNjUwNCIsImNyZWF0ZWQiOjE2NDQ5NTY0ODQ5MDQsImluU2FtcGxlIjp0cnVlfQ==
www.shytobuy.de/	1970-01-20 00:55:56	Name: _hjIncludedInPageviewSample Value: 1
.shytobuy.de/	1970-01-20 00:55:58	Name: _hjAbsoluteSessionInProgress Value: 1
.doubleclick.net/	1970-01-20 10:17:32	Name: IDE Value: AHWqTUni5i_kK-Vspj55-ter_ykoKKy46PF2yFcOpNL1J3Bf286z94c_giHxgCun

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	warning	URL: https://www.shytobuy.de/?utm_source=awin&utm_medium=affiliates&awc=22721_1644956483_317857d8709d3807159cf6d2e222db70 Message: The resource https://www.shytobuy.de/assets/shytobuy/fonts/usp-icons/usp-icon.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
analytics.webgains.io
apis.google.com
bat.bing.com
clever-redirect.com
connect.facebook.net
googleads.g.doubleclick.net
in.hotjar.com
lookandfind.me
play.google.com
praamountplus.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
the.sciencebehindecommerce.com
vars.hotjar.com
vc.hotjar.io
widgets.trustedshops.com
ws15.hotjar.com
www.awin1.com
www.dwin1.com
www.e-healthexpress.co.uk
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.shytobuy.de
www.zenaps.com
103.224.182.206
103.224.182.251
104.160.72.8
104.92.94.3
142.250.185.66
143.204.215.65
143.204.215.79
157.90.169.168
18.66.2.114
2600:9000:214f:4400:f:8ce2:fb80:93a1
2606:4700:10::6816:3668
2606:4700:3108::ac42:28fc
2620:1ec:c11::200
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.213.204.33
52.214.94.201
52.30.171.74
52.48.188.246
65.9.63.123
65.9.63.27
65.9.63.46
78.46.197.88
00e1651533a154157dfaae04f06b1b6755a2af90b9e726836e68940778a1030a
030402328b337e6826de921d73c35ca78b00d5023f69cd3f8bc755fd90f3d07f
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05d05634e34daeed9a1ce7436856020ad2367f34e02270f71d47b45ce828624c
05d3dd11907d6987061092439eee7831debc60fc9528c1079b523cfcff3a3697
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
08d6d954f1493cb4d94046e867734d818ab9f1372ddd71524beb0bfbfdc2eab5
08ebafe68699cf8a86a9aa6c4a01b47531acc0f2c058b8fea52938e4f841ac56
0ebab84fbd212f2516b8297ad0907b739c15ace52b98e2f933b570e58e0ad014
10446b66691ce8de620591bf09ed26c1de07d7d991b439d760c95b4126467656
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13794552fab4e8f8bff0be17c0b506921655b5699f73049990293f33091941f7
1774e334b6354d5cf7d2efb580cdeb8dff01fd83a1d1310402e9ec8fa18f3a91
2071a90300d2f2738d920d9ad86ca406f8b660b03321a26709d4521f378ff2e3
22806d064064501e4e2667281f506301657a3e565188fbfbfbf3fa671a77c703
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
26624e073695efac2c94a1fdebc8c9c2da2cd82dbc3544757fe7ce58ae605f1e
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
294da8ae576ea40d68f310dd03327328ce475842bcb15d80e58277101105366a
2b111bae6fafeab9e2767cc928149b589cdf935a5c9948c8c475201037b39b2a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31cc1fa66917274fe3248969946dddee29c54bfb5e3c198e4118bae72bc962ea
3747e28922bb72c354f978cb9d333028a61f7d10818561130fa40efabff565b1
38ebe1604a541ddcd3fab222ee4f70d323ae7e6eb10d3447922e072f1af1930c
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
4216f3475fd83cc9e41ec6a4b2d34896f4af37229e172a6f7f6b31b60ba6e6b4
42ee2579a672fac0e0a1b8140f786a04e5f0801a08356543ef80fbf3e05d2af6
45414d90709f784fcb63afe7b2827e4ebe5ebd9b94841a05629395f3943bbc2a
4bbf357982012377de5ebb791e829d92484c3c08d0deea53868c9d76e686d6f2
4c48ad5069d380e82f13e6bf81da4add134a36dc33ec6a5b5fe9be989646565e
4e041c7f4900bd38e8679d1a4dcd080fa77f85c3ec1851ab8dff014d9f2aa734
4e44ac0492d93953497ba7cc4cad3de9106bb65250fe5142172a80ecd7273bc8
4ecf3b04234a631113f4cd6adba91ec189a902759a054adae69e313bb009de98
4f64360c9883052e74fd818dee717892c2f5c30aa00093acafb4b60c89bad703
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
55a912533cc280a578a7fa996813bef27bde0c2329e90e4fa1d3cdf5a5d5cb37
57156bdff68e94fa8110237805e69d8b634f3886cc40a10e16635aef8b7067d3
5a1a3e49bc815f977b93a77092ab60ebbf9fc1f4211ba3de1c6743df2414844e
5d216c956bfd615c0a3967ae62b40fb90efaeaef453b48c135544a7dfb852639
5fd607b6479907fdd10df29e877a9073015e39cb851cb294da947af07a8e8e35
6286c7048a4a46366969030585bf568f6c4f1d24dd561d437d74459825bf7358
669af987b4d05885604acdedc4dfd7eae5222007c61dbcd821266dd2d8c2bd66
67405cfc3de628adb9e825fbf92871dd6dc89e4760d028df60a9f97160d85698
679a10f073febbcecb5ccf7026fa4cf24eac21858b63eeb40b4e882d583bf3eb
6b5626c7b0857b3541aac4737d38b4ad92b9615b91f46af12479d5048c5e4cc7
6c963fc19c43c41cf98543471f377055d8ff535019605a4b27f388fb5fce5b90
6e5578577a76635d2e9e0cf7cfbd14d3c9418ec11905cd964f0897c948d858bf
708c868bcc062f5dd44c03649a5c79495980e8713cd9caef76d01523a539a4b4
70998ec864b63bb5d4220a043db7475094773324e1c001dcba5d360905766c9b
732624687458ac7d243fbc2934392d2d1e58f7427c1ca434c902b9b68ad61233
738c53f4e44a779f7b83e4903542d03ac6d2835db69710c3a26e1afdd4c06778
74492e111cec3b97b63e90ee0e62e714a69fb4db8527585a310db384cbd35e7d
792896dda6d79152abb4b11426e41d15fa2bdd54849d9449c67e29a0b2c68fc8
7e1c8d19e892d90f7fcece0121eb068639e12944716a97808ce9312fcd839877
7f3d0f1bd407e480ceda25f458cf48e4c7c1fa1b142ad144c0162451ff6d5273
822eefd63c78db9f4e0b497609e1fff82a64b2acb42fc5c11b084c5b14822812
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
89afeb7ea7fb1e53b0a2fb1a6cbf27e442077c274df71d5b4c9192128e53eae0
8a8a11b37a521bf7071c39e814c8d4e25ad40cfcbce0456342b8eebba53b4b1f
9c242573eaccc113e007227fc14d40a121be886fff3e77f26915329a414839a2
9f74e6d99c028b5f4c20f7fd3b77adc884b1ee62585b4449903e4e145646a53d
a067c16d02d54a9863ede9d374b25db42133d86f84af9425f632b2b0d1b7f857
a126e3a96f4f3d08f6bfc91cebed7303be9bef796c024a9b2419bcb5fbf66097
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a6d6514328ae2190342da41687544a458508323e3cc3dc462cfbdf5f11232496
a8703732fc112fb61adbc3715a19ebc0944a5544c64ee314ade6140ec57ec644
a9c0dee2fbfe7831d39b96163855b9d469d42e919c193172390804cb5336c10a
ab8a11309ffd46e531d60995770782bedee1a65518af4faf1151030122e90be5
adb16943d5be698f5f8b788a4e2e1e1deab4a9ca6d1b5433a2a364df4d705c0c
b031478d05264d35d94da26b528ae52e4bae24d22cade1a36ec0e7bb6495e316
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30530916ccf927a18418e8bd6494297c7a0c9453a7cb0dfacb27af678404e8a
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd
bf36fe9748d39270a8d78ca10a25bd8d58d32efa5af88141e64853f76a0c856f
c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec
c9003cc2be93c9d9905c8f5279b5c3a0fc1bb6a2c64c04ef5a7218aa8f15cf94
caacd9ee5a2841279f9be4df420753557d1c5659a26b3495c86c3eb15f9cdb74
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d83d5b85169ec057e50d2cde35b8fe806c5479f1cbc18e9b48f7810d80873312
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7761ecae0ef9c0b4284031d67cc18d1ab97a4283df43661e62f398d07557a2e
ec7ad140802eb6e6fb96675047158c61737ca0e761b0691d8c331daa3516fa00
ecf2ed5da484815da1e21a73491cf5503dcf520c99500407166ec8541912489a
edb59f433f8191a7af6ecc0509c79c6b6929387fee15723d9ee382822b49e789
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5426875ceb50e492c6d93c800d86c5935c95d7511a13474a985cbd249e98d7
f0053e6e6ae034d8cb0c251ec65299bf676850ed25c3614f0d4beb84241ebd87
f00ce40696e8b22c4739763c8255f6682f60a52eee5298ecc69077fbb870bc02
f1a3c2bc69e210a11ef46cce8324a809303ee3168a57dde6a20184429348f1d0
f21a07b8173a59a6cdf3f46d46a4bd1b14e4146d4e1c80a543021a6d69b2fe8c
f32399a75fbe79869f38a665e3189ef17d2d51ab4f9e18863bd78227b65aafd9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f88c018173cda6e4f60ced5814edecaab6f1acced5a909a9ea46ce29923369ce
f8c5f02c91a7758e1e35a7c701346957ad13875a52d6041ca1b39a9c1329d291
fb1a725ee56914413c6ff7374a9e506d70a0704b2ba6aea5eb8468f08b662e3a
fd1dfec2f062c14bd3d13b33434953aa3331f2b17720ee149bcdf7afb677275c
fd4188121a6c9b28d029ebc07cd1db2f35e0657b4a2e825f901ed8b2b37bb327

www.shytobuy.de Open in urlscan Pro 2606:4700:3108::ac42:28fc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

97 %HTTPS

47 %IPv6

25 Domains

33 Subdomains

31 IPs

5 Countries

2237 kBTransfer

4850 kBSize

28 Cookies

12 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.shytobuy.de Open in urlscan Pro
2606:4700:3108::ac42:28fc Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

97 %
HTTPS

47 %
IPv6

25
Domains

33
Subdomains

31
IPs

5
Countries

2237 kB
Transfer

4850 kB
Size

28
Cookies

144 HTTP transactions
2 data transactions