SHEIN

shein.com

Compare

Geo-redirect detected

https://shein.com redirected to https://nl.shein.com/?cdn_rsite=cf&ref=www&rep=dir&ret=nl.

https://shein.com

Scanned Apr 15, 2026 · 29.2s

Your website score is

0/100
Critical

Grade

F0

Banner

No

Regulatory Compliance

Multi-regulation overview — click any regulation for details

Technical scan only. A passing score does not equal legal compliance. Consult qualified legal counsel for your jurisdiction.

Tag Leak detected 94 user data leaks before consent on shein.com, including Shein (Advertising Tracker), Microsoft Ads, GA4 and 38 more.

Security Headers

4/6 present

Strict-Transport-Security

max-age=7776000000; includeSubDomains

Content-Security-Policy

frame-ancestors *.shein.com https://www.shein.com.hk https://www.shein.com.vn https://www.shein.com.mx https://www.shein.co.uk https://www.shein.tw https://www.shein.se https://co.shein.com https://www.shein.com.co

X-Frame-Options

Add X-Frame-Options header to prevent clickjacking attacks

X-Content-Type-Options

nosniff

Referrer-Policy

no-referrer-when-downgrade

Permissions-Policy

Add a Permissions-Policy header to restrict browser features like camera, microphone, and geolocation

Google Consent Mode

V2
100/100
GTM Containers:GTM-P3BRQW

Consent Parameters

ParameterDefault
Ad Storagedenied
Ad User Datadenied
Ad Personalizationdenied
Analytics Storagedenied
Functionality Storagenot_set
Personalization Storagenot_set
Security Storagenot_set

Post-Rejection Audit

Reject Button

Missing

Post-Rejection Fires

0 vendors

Consent Mode

Not Detected

GTM Load

3027ms pre-consent

Google Tag Manager(GTM-P3BRQW)

Loaded 3027ms after page load — before the consent banner was detected. Per a 2022 German court ruling, GTM itself transmits the user's IP to Google pre-consent.

Consent Mode V2: Not Detected

Google Consent Mode was not detected on this site.

Consent Record Audit

Issues detected

Consent record stored after interaction

GDPR Art. 7(1)

No consent record written — cannot prove consent was given

No CMP consent cookie or localStorage entry was found after the consent interaction. GDPR requires controllers to demonstrate consent was given.

Consent withdrawal mechanism accessible

GDPR Art. 7(3)

No way for users to withdraw consent found on page

No cookie settings link, footer link, or floating consent button was detected. GDPR requires users to withdraw consent as easily as they gave it.

Why this matters

Under GDPR Article 7, controllers must be able to demonstrate that consent was given (Art. 7(1)) and ensure users can withdraw consent at any time, as easily as giving it (Art. 7(3)). Sites with no consent record or no withdrawal mechanism cannot legally rely on consent as a lawful basis.

Tracker categories detected

Advertising24 vendors
Analytics1 vendor
Marketing16 vendors
Security2
Functional2 vendors
Tag Management1 vendor
Critical75
Twitter/X Pixel
Twitter/X Pixel2 findingsID tracked

t.co, static.ads-twitter.com

Twitter/X Pixel
criticalNetworkAdvertisingTwitter/X Pixel

Twitter/X Pixel (X (Twitter)) loaded before consent: Twitter/X ad conversion tracking endpoint

ID: twHost: t.coFired: 3024ms after load
Twitter/X Pixel
criticalNetworkAdvertisingTwitter/X Pixel

Twitter/X Pixel (X (Twitter)) loaded before consent: Loads Twitter/X conversion tracking script

Host: static.ads-twitter.comFired: 2911ms after load
Pinterest Tag
Pinterest Tag3 findingsID tracked

ct.pinterest.com, s.pinimg.com, _pin_unauth

Pinterest Tag
criticalNetworkAdvertisingPinterest Tag

Pinterest Tag (Pinterest) loaded before consent: Pinterest conversion tracking

ID: 2614477972065Host: ct.pinterest.comFired: 3283ms after load
Pinterest Tag
criticalNetworkAdvertisingPinterest Tag

Pinterest Tag (Pinterest) loaded before consent: Pinterest tag script loader

Host: s.pinimg.comFired: 2911ms after load
Pinterest Tag
criticalCookieAdvertisingPinterest Tag

Pinterest Tag cookie "_pin_unauth" set before consent

Cookie: _pin_unauthDomain: .nl.shein.com
Shein (Advertising Tracker)
Shein (Advertising Tracker)6 findings

cjs.ltwebstatic.com, armor.ltwebstatic.com, sc.ltwebstatic.com, common.ltwebstatic.com, img.ltwebstatic.com, shein.ltwebstatic.com

Shein (Advertising Tracker)
criticalNetworkAdvertisingShein (Advertising Tracker)

Shein (advertising) loaded before consent

Host: cjs.ltwebstatic.comFired: 757ms after load
Shein (Advertising Tracker)
criticalNetworkAdvertisingShein (Advertising Tracker)

Shein (advertising) loaded before consent

Host: armor.ltwebstatic.comFired: 839ms after load
Shein (Advertising Tracker)
criticalNetworkAdvertisingShein (Advertising Tracker)

Shein (advertising) loaded before consent

Host: sc.ltwebstatic.comFired: 839ms after load
Shein (Advertising Tracker)
criticalNetworkAdvertisingShein (Advertising Tracker)

Shein (advertising) loaded before consent

Host: common.ltwebstatic.comFired: 839ms after load
Shein (Advertising Tracker)
criticalNetworkAdvertisingShein (Advertising Tracker)

Shein (advertising) loaded before consent

Host: img.ltwebstatic.comFired: 1048ms after load
Shein (Advertising Tracker)
criticalNetworkAdvertisingShein (Advertising Tracker)

Shein (advertising) loaded before consent

Host: shein.ltwebstatic.comFired: 2343ms after load
Microsoft Ads
criticalNetworkAdvertisingMicrosoft Ads

Microsoft Ads (Microsoft) loaded before consent: Microsoft Ads (Bing) UET conversion tracking

Host: bat.bing.comFired: 2902ms after load
GA4
criticalNetworkAnalyticsGA4

GA4 loads before consent — this is expected and required for GCM v2 to initialise consent defaults before any tags fire

Host: www.googletagmanager.comFired: 2908ms after load
Criteo (Advertising Tracker)
Criteo (Advertising Tracker)4 findings

dynamic.criteo.com, gum.criteo.com, sslwidget.criteo.com, x.bidswitch.net

Criteo (Advertising Tracker)
criticalNetworkAdvertisingCriteo (Advertising Tracker)

Criteo (advertising) loaded before consent

Host: dynamic.criteo.comFired: 2908ms after load
Criteo (Advertising Tracker)
criticalNetworkAdvertisingCriteo (Advertising Tracker)

Criteo (advertising) loaded before consent

Host: gum.criteo.comFired: 3103ms after load
Criteo (Advertising Tracker)
criticalNetworkAdvertisingCriteo (Advertising Tracker)

Criteo (advertising) loaded before consent

Host: sslwidget.criteo.comFired: 3311ms after load
Criteo (Advertising Tracker)
criticalNetworkAdvertisingCriteo (Advertising Tracker)

Criteo (advertising) loaded before consent

Host: x.bidswitch.netFired: 3904ms after load
Meta Pixel
criticalNetworkAdvertisingMeta Pixel

Meta Pixel (Meta) loaded before consent: Sends user data to Meta for ad targeting and conversion tracking

Host: connect.facebook.netFired: 2908ms after load
Snapchat Pixel
Snapchat Pixel4 findings

sc-static.net, tr.snapchat.com, _scid, _scid_r

Snapchat Pixel
criticalNetworkAdvertisingSnapchat Pixel

Snapchat Pixel (Snapchat) loaded before consent: Loads Snapchat conversion tracking script

Host: sc-static.netFired: 2911ms after load
Snapchat Pixel
criticalNetworkAdvertisingSnapchat Pixel

Snapchat Pixel (Snapchat) loaded before consent: Snapchat pixel tracking endpoint

Host: tr.snapchat.comFired: 3826ms after load
Snapchat Pixel
criticalCookieAdvertisingSnapchat Pixel

Snapchat Pixel cookie "_scid" set before consent

Cookie: _scidDomain: .shein.com
Snapchat Pixel
criticalCookieAdvertisingSnapchat Pixel

Snapchat Pixel cookie "_scid_r" set before consent

Cookie: _scid_rDomain: .shein.com
ZOETOP (Advertising Tracker)
criticalNetworkAdvertisingZOETOP (Advertising Tracker)

ZOETOP (advertising) loaded before consent

Host: www.srmdata-eur.comFired: 3468ms after load
Advertising Tracker
Advertising Tracker2 findings

bat.bing.net, cs.media.net

Advertising Tracker
criticalNetworkAdvertisingAdvertising Tracker

advertising tracker at bat.bing.net loaded before consent

Host: bat.bing.netFired: 3744ms after load
Advertising Tracker
criticalNetworkAdvertisingAdvertising Tracker

advertising tracker at cs.media.net loaded before consent

Host: cs.media.netFired: 3904ms after load
PubMatic (Advertising Tracker)
PubMatic (Advertising Tracker)2 findings

simage4.pubmatic.com, simage2.pubmatic.com

PubMatic (Advertising Tracker)
criticalNetworkAdvertisingPubMatic (Advertising Tracker)

PubMatic (advertising) loaded before consent

Host: simage4.pubmatic.comFired: 3904ms after load
PubMatic (Advertising Tracker)
criticalNetworkAdvertisingPubMatic (Advertising Tracker)

PubMatic (advertising) loaded before consent

Host: simage2.pubmatic.comFired: 3905ms after load
IndexExchange (Advertising Tracker)
criticalNetworkAdvertisingIndexExchange (Advertising Tracker)

IndexExchange (advertising) loaded before consent

Host: r.casalemedia.comFired: 3904ms after load
ID5 (Advertising Tracker)
criticalNetworkAdvertisingID5 (Advertising Tracker)

ID5 (advertising) loaded before consent

Host: id5-sync.comFired: 3904ms after load
Azerion (Advertising Tracker)
criticalNetworkAdvertisingAzerion (Advertising Tracker)

Azerion (advertising) loaded before consent

Host: ad.360yield.comFired: 3904ms after load
Mediavine (Advertising Tracker)
criticalNetworkAdvertisingMediavine (Advertising Tracker)

Mediavine (advertising) loaded before consent

Host: exchange.mediavine.comFired: 3905ms after load
Life360 (Advertising Tracker)
criticalNetworkAdvertisingLife360 (Advertising Tracker)

Life360 (advertising) loaded before consent

Host: jadserve.postrelease.comFired: 3905ms after load
Teads (Advertising Tracker)
Teads (Advertising Tracker)2 findings

sync.outbrain.com, criteo-sync.teads.tv

Teads (Advertising Tracker)
criticalNetworkAdvertisingTeads (Advertising Tracker)

Teads (advertising) loaded before consent

Host: sync.outbrain.comFired: 3905ms after load
Teads (Advertising Tracker)
criticalNetworkAdvertisingTeads (Advertising Tracker)

Teads (advertising) loaded before consent

Host: criteo-sync.teads.tvFired: 3906ms after load
Equativ (Advertising Tracker)
criticalNetworkAdvertisingEquativ (Advertising Tracker)

Equativ (advertising) loaded before consent

Host: rtb-csync.smartadserver.comFired: 3905ms after load
Taboola (Advertising Tracker)
criticalNetworkAdvertisingTaboola (Advertising Tracker)

Taboola (advertising) loaded before consent

Host: sync-t1.taboola.comFired: 3905ms after load
Nexxen (Advertising Tracker)
Nexxen (Advertising Tracker)3 findings

criteo-partners.tremorhub.com, sync.1rx.io, sync.targeting.unrulymedia.com

Nexxen (Advertising Tracker)
criticalNetworkAdvertisingNexxen (Advertising Tracker)

Nexxen (advertising) loaded before consent

Host: criteo-partners.tremorhub.comFired: 3906ms after load
Nexxen (Advertising Tracker)
criticalNetworkAdvertisingNexxen (Advertising Tracker)

Nexxen (advertising) loaded before consent

Host: sync.1rx.ioFired: 3906ms after load
Nexxen (Advertising Tracker)
criticalNetworkAdvertisingNexxen (Advertising Tracker)

Nexxen (advertising) loaded before consent

Host: sync.targeting.unrulymedia.comFired: 4457ms after load
TripleLift (Advertising Tracker)
criticalNetworkAdvertisingTripleLift (Advertising Tracker)

TripleLift (advertising) loaded before consent

Host: eb2.3lift.comFired: 3906ms after load
VirtualMinds (Advertising Tracker)
criticalNetworkAdvertisingVirtualMinds (Advertising Tracker)

VirtualMinds (advertising) loaded before consent

Host: ad.yieldlab.netFired: 3906ms after load
Adobe (Tracker Tracker)
criticalNetworkAdobe (Tracker Tracker)

Adobe (tracker) loaded before consent

Host: dpm.demdex.netFired: 3930ms after load
Criteo
Criteo2 findings

dis.criteo.com, cto_bundle

Criteo
criticalNetworkAdvertisingCriteo

Criteo (Criteo) loaded before consent: Criteo display ad delivery endpoint

Host: dis.criteo.comFired: 3965ms after load
Criteo
criticalCookieAdvertisingCriteo

Criteo cookie "cto_bundle" set before consent

Cookie: cto_bundleDomain: .criteo.com
TransUnion (Advertising Tracker)
criticalNetworkAdvertisingTransUnion (Advertising Tracker)

TransUnion (advertising) loaded before consent

Host: aa.agkn.comFired: 4655ms after load
Adform
criticalCookieMarketingAdform

Adform cookie "uid" set before consent — Contains a unique ID to identify a user

Cookie: uidDomain: .criteo.comRetention: 60 days
X2 findings

muc_ads, personalization_id

criticalCookieMarketingX

X cookie "muc_ads" set before consent — These cookies are placed when you come to our website via X. A cookie from X is also placed on our website, with which we can later show a relevant offer on X

Cookie: muc_adsDomain: .t.coRetention: 24 months
criticalCookieMarketingX

X cookie "personalization_id" set before consent — Unique value with which users can be identified by X. Collected information is used to be personalize X services, including X trends, stories, ads and suggestions.

Cookie: personalization_idDomain: .twitter.comRetention: 2 years
DoubleClick/Google Marketing
criticalCookieMarketingDoubleClick/Google Marketing

DoubleClick/Google Marketing cookie "ar_debug" set before consent — Store and track conversions

Cookie: ar_debugDomain: .pinterest.comRetention: Persistent
Pinterest
criticalCookieMarketingPinterest

Pinterest cookie "_pinterest_ct_ua" set before consent — This cookieis a third party cookie which groups actions for users who cannot be identified by Pinterest.

Cookie: _pinterest_ct_uaDomain: .ct.pinterest.comRetention: session
PubMatic
PubMatic2 findings

KADUSERCOOKIE, SPugT

PubMatic
criticalCookieMarketingPubMatic

PubMatic cookie "KADUSERCOOKIE" set before consent — PubMatic UserId. this identifier to identify each user uniquely. Some of the uses of this anonymous identifier are to support frequency capping, perform UID sync ups with DSP's, DMP's. DMP's / DP's push audicne data against this ID. API publishers sends this ID while making API requests to PubMatic AdServer. UAS Ad Engine also uses this cookie for FCAP purposes.

Cookie: KADUSERCOOKIEDomain: .pubmatic.comRetention: 90 days
PubMatic
criticalCookieMarketingPubMatic

PubMatic cookie "SPugT" set before consent — This cookie is used to track when the server-side cookie store was last updated for the browser, and it is used in conjunction with the PugT cookie, described below.

Cookie: SPugTDomain: .pubmatic.comRetention: 30 days
Casale Media3 findings

CMID, CMPS, CMPRO

criticalCookieMarketingCasale Media

Casale Media cookie "CMID" set before consent — Collects visitor data related to the user's visits to the website, such as the number of visits, average time spent on the website and what pages have been loaded, with the purpose of displaying targeted ads.

Cookie: CMIDDomain: .casalemedia.comRetention: 1 day
criticalCookieMarketingCasale Media

Casale Media cookie "CMPS" set before consent — Collects visitor data related to the user's visits to the website, such as the number of visits, average time spent on the website and what pages have been loaded, with the purpose of displaying targeted ads

Cookie: CMPSDomain: .casalemedia.comRetention: 1 day
criticalCookieMarketingCasale Media

Casale Media cookie "CMPRO" set before consent — Collects data on visitor behaviour from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that the visitor is shown the same advertisement.

Cookie: CMPRODomain: .casalemedia.comRetention: 1 day
MediaVine2 findings

mv_tokens, am_tokens

criticalCookieMarketingMediaVine

MediaVine cookie "mv_tokens" set before consent — Sets a unique ID for the visitor that allows third party advertisers to target the visitor with relevant advertisement. This pairing service is provided by third party advertisement hubs which facilitates real-time bidding for advertisers.

Cookie: mv_tokensDomain: exchange.mediavine.comRetention: 14 days
criticalCookieMarketingMediaVine

MediaVine cookie "am_tokens" set before consent — Presents the user with relevant content and advertisement. The service is provided by third-party advertisement hubs which facilitate real-time bidding for advertisers.

Cookie: am_tokensDomain: exchange.mediavine.comRetention: 14 days
Outbrain
criticalCookieMarketingOutbrain

Outbrain cookie "criteo" set before consent — This cookie is set by Outbrain and it is used to analyse technical data about the website

Cookie: criteoDomain: exchange.mediavine.comRetention: 1 months
ComScore
criticalCookieMarketingComScore

ComScore cookie "pid" set before consent — Collects a code that identifies the specific website or advertiser participating in the ScorecardResearch data collection program.

Cookie: pidDomain: .smartadserver.comRetention: 1 year
Smartadserver
Smartadserver2 findings

TestIfCookieP, csync

Smartadserver
criticalCookieMarketingSmartadserver

Smartadserver cookie "TestIfCookieP" set before consent — Technical cookie used to test if persistent cookies are accepted

Cookie: TestIfCookiePDomain: .smartadserver.comRetention: 13 months
Smartadserver
criticalCookieMarketingSmartadserver

Smartadserver cookie "csync" set before consent — Optimises ad display based on the user's movement combined and various advertiser bids for displaying user ads.

Cookie: csyncDomain: .smartadserver.comRetention: 1 day
Media.net3 findings

visitor-id, data-c, data-c-ts

criticalCookieMarketingMedia.net

Media.net cookie "visitor-id" set before consent — This cookie is used to collect information on the visitor, which we then use for analytics purposes.

Cookie: visitor-idDomain: .media.netRetention: 1 year
criticalCookieMarketingMedia.net

Media.net cookie "data-c" set before consent — Cookie used to record your browsing activity, with the purpose of displaying targeted ads.

Cookie: data-cDomain: .media.netRetention: 1 year
criticalCookieMarketingMedia.net

Media.net cookie "data-c-ts" set before consent — Cookie used to record your browsing activity, with the purpose of displaying targeted ads.

Cookie: data-c-tsDomain: .media.netRetention: 1 year
criticalCookieMarketingNativo

Nativo cookie "opt_out" set before consent — This cookie is used to remember not to serve that user targeted Ads if they opt out.

Cookie: opt_outDomain: .postrelease.comRetention: 1 year
Magnite
Magnite2 findings

tvid, tv_UICR

Magnite
criticalCookieMarketingMagnite

Magnite cookie "tvid" set before consent — Presents the user with relevant content and advertisement. The service is provided by third-party advertisement hubs, which facilitate real-time bidding for advertisers.

Cookie: tvidDomain: .tremorhub.comRetention: 1 year
Magnite
criticalCookieMarketingMagnite

Magnite cookie "tv_UICR" set before consent — Collects information on user behaviour on multiple websites. This information is used in order to optimize the relevance of advertisement on the website.

Cookie: tv_UICRDomain: .tremorhub.comRetention: 30 days
criticalCookieMarketing1rx.io

1rx.io cookie "_rxuuid" set before consent — Sets a unique ID for the visitor, with which external advertisers can target the visitor with relevant advertisements. This linking service is provided by third-party advertising hubs, facilitating real-time bidding for advertisers.

Cookie: _rxuuidDomain: .1rx.ioRetention: 1 year
Adobe Audience Manager
Adobe Audience Manager2 findings

demdex, dpm

Adobe Audience Manager
criticalCookieMarketingAdobe Audience Manager

Adobe Audience Manager cookie "demdex" set before consent — Unique value with which Audience Manager can identify a user. Used, among others, for identification, segmentation, modeling and reporting purposes.

Cookie: demdexDomain: .demdex.netRetention: 180 days after last activity or 10 years when opting out
Adobe Audience Manager
criticalCookieMarketingAdobe Audience Manager

Adobe Audience Manager cookie "dpm" set before consent — DPM is an abbreviation for Data Provider Match. It tells internal, Adobe systems that a call from Audience Manager or the Adobe Experience Cloud ID Service is passing in customer data for synchronization or requesting an ID.

Cookie: dpmDomain: .dpm.demdex.netRetention: 180 days
Neustar
criticalCookieMarketingNeustar

Neustar cookie "ab" set before consent — This cookie is used by the website’s operator in context with multi-variate testing. This is a tool used to combine or change content on the website. This allows the website to find the best variation/edition of the site.

Cookie: abDomain: .agkn.comRetention: 1 year
criticalNetwork

No consent banner detected — all cookies and tags fire without user consent

criticalConsent

No "reject all" option found — users cannot refuse non-essential cookies (ICO guidance requires this)

criticalConsent Record

No recognizable consent cookie or storage entry detected after interaction — GDPR Article 7(1) requires controllers to demonstrate consent was given (server-side storage cannot be verified)

criticalConsent Record

No recognizable consent withdrawal mechanism detected — GDPR Article 7(3) requires users can withdraw consent as easily as giving it (cookie settings link or floating button expected)

Warnings22
Twitter (Social Tracker)
warningNetworkTwitter (Social Tracker)

Twitter (social) loaded before consent

ID: o6o36Host: analytics.twitter.comFired: 3024ms after load
Google Tag Manager
warningGTMTag ManagementGoogle Tag Manager

GTM loaded before consent banner — IP address transmitted to Google pre-consent (container: GTM-P3BRQW)

Google (Tracker Tracker)
warningNetworkGoogle (Tracker Tracker)

Google (Tracker Tracker) cookieless ping detected before consent — GCM v2 active with ad_storage and ad_user_data: denied. No user identifiers are collected in this request.

Host: cm.g.doubleclick.netFired: 3904ms after load
Google Ads
warningNetworkAdvertisingGoogle Ads

Google Ads cookieless ping detected before consent — GCM v2 active with ad_storage and ad_user_data: denied. No user identifiers are collected in this request.

Host: pagead2.googlesyndication.comFired: 4632ms after load
warningStorage

localStorage key "privacy-sdk-cookie-id" written before consent

Key: privacy-sdk-cookie-idType: localStorageFired: 802ms after load
warningStorage

localStorage key "__snI18NCC" written before consent

Key: __snI18NCCType: localStorageFired: 806ms after load
warningStorage

sessionStorage key "_s_probe_key_" written before consent

Key: _s_probe_key_Type: sessionStorageFired: 809ms after load
warningStorage

localStorage key "RESOURCE_ADAPT__WEBP_SUPPORT" written before consent

Key: RESOURCE_ADAPT__WEBP_SUPPORTType: localStorageFired: 1426ms after load
warningStorage

localStorage key "PrivacySDK-/privacy-banner-api/intercept_list-{"brand":7,"domain":"nl.shein.com","siteUid":"nl","language":"en"}" written before consent

Key: PrivacySDK-/privacy-banner-api/intercept_list-{"brand":7,"domain":"nl.shein.com","siteUid":"nl","language":"en"}Type: localStorageFired: 1546ms after load
warningStorage

localStorage key "PrivacySDK-/privacy-banner-api/get_private_banner-{"brand":7,"domain":"nl.shein.com","siteUid":"nl","language":"en"}" written before consent

Key: PrivacySDK-/privacy-banner-api/get_private_banner-{"brand":7,"domain":"nl.shein.com","siteUid":"nl","language":"en"}Type: localStorageFired: 1656ms after load
warningStorage

localStorage key "skynet_repeat_daily" written before consent

Key: skynet_repeat_dailyType: localStorageFired: 1898ms after load
warningStorage

localStorage key "a_vndfsigb2jhqgrjvfhjreg" written before consent

Key: a_vndfsigb2jhqgrjvfhjregType: localStorageFired: 1931ms after load
warningStorage

localStorage key "monitor_session_id" written before consent

Key: monitor_session_idType: localStorageFired: 2193ms after load
warningStorage

localStorage key "sky_eye_sample_control_config" written before consent

Key: sky_eye_sample_control_configType: localStorageFired: 2350ms after load
warningStorage

localStorage key "criteo_localstorage_check" written before consent

Key: criteo_localstorage_checkType: localStorageFired: 3075ms after load
warningStorage

localStorage key "cto_bundle" written before consent

Key: cto_bundleType: localStorageFired: 3307ms after load
warningStorage

sessionStorage key "cccCompExposeMonitor" written before consent

Key: cccCompExposeMonitorType: sessionStorageFired: 3479ms after load
warningStorage

localStorage key "lastExternalReferrer" written before consent

Key: lastExternalReferrerType: localStorageFired: 3750ms after load
warningStorage

localStorage key "u_sclid" written before consent

Key: u_sclidType: localStorageFired: 3799ms after load
warningStorage

sessionStorage key "u_scsid" written before consent

Key: u_scsidType: sessionStorageFired: 3800ms after load
warningStorage

localStorage key "u_sclid_r" written before consent

Key: u_sclid_rType: localStorageFired: 3801ms after load
warningStorage

sessionStorage key "u_scsid_r" written before consent

Key: u_scsid_rType: sessionStorageFired: 3801ms after load
Info2
Snapchat
infoCookieFunctionalSnapchat

Snapchat cookie "X-AB" set before consent — This cookie is used by the website’s operator in context with multi-variate testing. This is a tool used to combine or change content on the website. This allows the website to find the best variation/edition of the site.

Cookie: X-ABDomain: sc-static.netRetention: 1 day
Cloudflare
infoCookieFunctionalCloudflare

Cloudflare cookie "_cfuvid" set before consent — The _cfuvid cookie is only set when a site uses this option in a Rate Limiting Rule, and is only used to allow the Cloudflare WAF to distinguish individual users who share the same IP address.

Cookie: _cfuvidDomain: .shein.comRetention: session

Is this your site?

Run a full multi-page scan with monitoring and get detailed remediation steps

Scan shein.com

This audit is based on publicly observable website behavior. To request removal from the index, email support@tagleak.com