www.promobutler.be Open in urlscan Pro
2606:4700:10::6816:468a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r.mails.netmedia-europe.be/mk/cl/f/3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe1JnJUWy5S_syGNIImwKg...
Effective URL:
https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Submission: On May 20 via api (May 20th 2022, 1:35:38 pm UTC) from BE — Scanned from FR

Summary HTTP 62 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 62 HTTP transactions. The main IP is 2606:4700:10::6816:468a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.promobutler.be. The Cisco Umbrella rank of the primary domain is 599076.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.

This is the only time www.promobutler.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.107.232.127 185.107.232.127	200484 (SENDINBLU...) (SENDINBLUE-ASN)
2	2606:4700:440... 2606:4700:4400::6812:2291	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:90c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:10:... 2606:4700:10::6816:468a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
12 30	2606:4700:10:... 2606:4700:10::ac43:14cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.108.188.9 65.108.188.9	24940 (HETZNER-AS) (HETZNER-AS)
14	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.91 108.138.17.91	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.7.18 99.86.7.18	16509 (AMAZON-02) (AMAZON-02)
1	13.226.184.44 13.226.184.44	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f16:bc:... 2600:1f16:bc:1201:d9c:1188:e629:5a34	16509 (AMAZON-02) (AMAZON-02)
62	15

1 185.107.232.127 (France)

ASN200484 (SENDINBLUE-ASN, FR)

r.mails.netmedia-europe.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2291 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:90c (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:468a (United States)

ASN13335 (CLOUDFLARENET, US)

www.promobutler.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:10::ac43:14cc (United States) 12 redirects

ASN13335 (CLOUDFLARENET, US)

img.folders.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
publish.folders.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.188.9 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.188.108.65.clients.your-server.de

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-91.fra56.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-18.fra6.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.184.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-184-44.dfw55.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:bc:1201:d9c:1188:e629:5a34 (Columbus, United States)

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	folders.eu 12 redirects img.folders.eu publish.folders.eu	449 KB
14	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
11	promobutler.be www.promobutler.be — Cisco Umbrella Rank: 599076	433 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1158 img.onesignal.com — Cisco Umbrella Rank: 6510	99 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 7908 certify.alexametrics.com — Cisco Umbrella Rank: 4391	3 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1192	10 KB
2	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 26815	2 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 42297	33 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	57 KB
1	sendinblue.com in-automate.sendinblue.com — Cisco Umbrella Rank: 28445	203 B
1	netmedia-europe.be r.mails.netmedia-europe.be	934 B
62	13

	Domain	Requested by
18	img.folders.eu	www.promobutler.be
14	www.google-analytics.com	www.googletagmanager.com www.promobutler.be
12	publish.folders.eu	12 redirects
11	www.promobutler.be	r.mails.netmedia-europe.be www.promobutler.be static.cloudflareinsights.com
3	onesignal.com	cdn.onesignal.com
2	cdn.onesignal.com	r.mails.netmedia-europe.be cdn.onesignal.com
2	static.cloudflareinsights.com	sibautomation.com www.promobutler.be
2	sibautomation.com	r.mails.netmedia-europe.be static.cloudflareinsights.com
1	img.onesignal.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.promobutler.be
1	certify.alexametrics.com	www.promobutler.be
1	certify-js.alexametrics.com	r.mails.netmedia-europe.be
1	d31qbv1cthcecs.cloudfront.net	r.mails.netmedia-europe.be
1	cdn.cookie-script.com	www.googletagmanager.com
1	www.googletagmanager.com	www.promobutler.be
1	in-automate.sendinblue.com	sibautomation.com
1	r.mails.netmedia-europe.be
62	17

This site contains links to these domains. Also see Links.

Domain
www.acties.be
www.promobutler.foundation
magazines.promobutler.be
publish.folders.eu
itunes.apple.com
play.google.com
www.facebook.com
instagram.com
www.linkedin.com
www.pinterest.com
www.folders.eu
www.promobutler.nl
www.promoties.be
www.netmedia-europe.be
cookie-script.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
sendinblue.com Cloudflare Inc ECC CA-3	`2021-09-29` - `2022-09-28`	a year	crt.sh
promobutler.be Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-19` - `2022-08-19`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Frame ID: BB800A0509650457FEFA5088CAD9B20D
Requests: 57 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=1991754
Frame ID: C753545DF956C2D021FD3CD90BFA91A8
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Alle nieuwe folders en promoties deze week vind je op PromoButler

Page URL History Show full URLs

http://r.mails.netmedia-europe.be/mk/cl/f/3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe... Page URL
https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

62
Requests

77 %
HTTPS

64 %
IPv6

13
Domains

17
Subdomains

15
IPs

4
Countries

1109 kB
Transfer

2246 kB
Size

2
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.acties.be/
Title: Kortingscodes

Search URL Search Domain Scan URL

URL: https://www.promobutler.foundation/
Title: Duurzaamheid

Search URL Search Domain Scan URL

URL: https://magazines.promobutler.be/nl-BE/
Title: Ontdek het hier!

Search URL Search Domain Scan URL

URL: https://publish.folders.eu/login
Title: Voeg je eigen folder toe

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/nl/app/promobutler-reclamefolders/id853571279?utm_source=promobutler&utm_medium=app-home&utm_campaign=promobutler

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=be.netmediaeurope.promobutler&utm_source=promobutler&utm_medium=app-home&utm_campaign=promobutler

Search URL Search Domain Scan URL

URL: https://www.facebook.com/promobutler

Search URL Search Domain Scan URL

URL: https://instagram.com/promobutler

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/9366017

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/promobutlerbe

Search URL Search Domain Scan URL

URL: https://www.folders.eu/

Search URL Search Domain Scan URL

URL: https://www.promobutler.nl/

Search URL Search Domain Scan URL

URL: https://www.promoties.be/

Search URL Search Domain Scan URL

URL: https://www.netmedia-europe.be/
Title: Netmedia Europe NV - © 2007- 2022

Search URL Search Domain Scan URL

URL: https://cookie-script.com/
Title: Powered by CookieScript

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r.mails.netmedia-europe.be/mk/cl/f/3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe1JnJUWy5S_syGNIImwKg6d9xF9hg_kLZmS0xIZb99sUTdzAXENZdNVTQc5bvR7hYAdcAWjQzhi6fCZ-shtZlcX6UnE_i8UkbT97JTLLfEbYg8iYdMRNncU5R2lqeii5J_fU-Udjww4P6VeHA61iXbnZ8pscmD1vqBKuD-y_GR0Dv-FlCV7eM_mTaEoOucUzL-kykSC_yfVnd Page URL
https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://publish.folders.eu/publication/2270878/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/227/08/78/bizz_2270878.pdf?v=2&fm=auto&page=1&w=400

Request Chain 19

https://publish.folders.eu/publication/2269867/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/226/98/67/bizz_2269867.pdf?v=2&fm=auto&page=1&w=400

Request Chain 22

https://publish.folders.eu/publication/2269882/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/226/98/82/bizz_2269882.pdf?v=7&fm=auto&page=1&w=400

Request Chain 23

https://publish.folders.eu/publication/2270056/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/227/00/56/bizz_2270056_1.jpg?fm=auto&w=400

Request Chain 24

https://publish.folders.eu/publication/2270827/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/227/08/27/bizz_2270827.pdf?v=2&fm=auto&page=1&w=400

Request Chain 27

https://publish.folders.eu/publication/2270752/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/227/07/52/bizz_2270752.pdf?v=2&fm=auto&page=1&w=400

Request Chain 28

https://publish.folders.eu/publication/2270632/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/227/06/32/bizz_2270632.pdf?v=2&fm=auto&page=1&w=400

Request Chain 29

https://publish.folders.eu/publication/2270617/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/227/06/17/bizz_2270617.pdf?v=2&fm=auto&page=1&w=400

Request Chain 30

https://publish.folders.eu/publication/2270740/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/227/07/40/bizz_2270740.pdf?v=2&fm=auto&page=1&w=400

Request Chain 31

https://publish.folders.eu/publication/2270200/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/227/02/00/bizz_2270200.pdf?v=2&fm=auto&page=1&w=400

Request Chain 32

https://publish.folders.eu/publication/2269294/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/226/92/94/bizz_2269294.pdf?v=2&fm=auto&page=1&w=400

Request Chain 33

https://publish.folders.eu/publication/2269378/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/226/93/78/bizz_2269378.pdf?v=2&fm=auto&page=1&w=400

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe1JnJUWy5S_syGNIImwKg6d9xF9hg_kLZmS0xIZb99sUTdzAXENZdNVTQc5bvR7hYAdcAWjQzhi6fCZ-shtZlcX6UnE_i8UkbT97JTLLfEbYg8iYdMRNncU5R2lqeii5J_... Show response
r.mails.netmedia-europe.be/mk/cl/f/ 730 B
934 B 44ms
24ms Document
text/html 185.107.232.127
SENDINBLUE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://r.mails.netmedia-europe.be/mk/cl/f/3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe1JnJUWy5S_syGNIImwKg6d9xF9hg_kLZmS0xIZb99sUTdzAXENZdNVTQc5bvR7hYAdcAWjQzhi6fCZ-shtZlcX6UnE_i8UkbT97JTLLfEbYg8iYdMRNncU5R2lqeii5J_fU-Udjww4P6VeHA61iXbnZ8pscmD1vqBKuD-y_GR0Dv-FlCV7eM_mTaEoOucUzL-kykSC_yfVnd

Protocol

HTTP/1.1

Server

185.107.232.127 , France, ASN200484 (SENDINBLUE-ASN, FR),

Reverse DNS

Software

Resource Hash

20524d46d927365e4e8d90c49f7e82dc76ccfe262775e916a3d9405cf0763ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-length: 730
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 13:35:31 GMT
x-content-type-options: nosniff
x-sib-server: red2.dc3.51b.tech
x-xss-protection: 1

GET
H2 200 cm.html Show response
sibautomation.com/ Frame C753 3 KB
2 KB 84ms
41ms Document
text/html 2606:4700:4400::6812:2291
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cm.html?id=1991754

Requested by

Host: r.mails.netmedia-europe.be
URL: http://r.mails.netmedia-europe.be/mk/cl/f/3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe1JnJUWy5S_syGNIImwKg6d9xF9hg_kLZmS0xIZb99sUTdzAXENZdNVTQc5bvR7hYAdcAWjQzhi6fCZ-shtZlcX6UnE_i8UkbT97JTLLfEbYg8iYdMRNncU5R2lqeii5J_fU-Udjww4P6VeHA61iXbnZ8pscmD1vqBKuD-y_GR0Dv-FlCV7eM_mTaEoOucUzL-kykSC_yfVnd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2291 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Sails <sailsjs.com>

Resource Hash

4249ad4a466f34933df58a1c652045152364505a394e3e1f62e802dab64bd918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://r.mails.netmedia-europe.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
age: 20527
cache-control: public, max-age=7200
cf-apo-via: origin,host
cf-cache-status: HIT
cf-ray: 70e574c05b2c0824-CDG
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 13:35:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 20 May 2022 15:35:31 GMT
last-modified: Fri, 20 May 2022 07:53:24 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Sails <sailsjs.com>
x-sib-server: SENDINBLUE-web2-2
x-xss-protection: 1

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame C753 14 KB
5 KB 126ms
67ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=1991754
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sibautomation.com/
Origin: https://sibautomation.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 70e574c12a3f405b-CDG

GET
H2 204 cm
in-automate.sendinblue.com/ Frame C753 0
203 B 114ms
57ms XHR
text/plain 2606:4700::6811:90c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.sendinblue.com/cm?uuid=827b934a-e13c-49e2-86b0-203232108935&key=gvuy5rzgowm0tegth6ck8&trans=0&user_id=3309564
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=1991754
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
cf-apo-via: origin,host
cf-ray: 70e574c12fe799ba-CDG

GET
H2 200 Primary Request / Show response
www.promobutler.be/nl/ 120 KB
15 KB 107ms
50ms Document
text/html 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227ad732a23de06f1192f9ace4e88c066abec02e46e7e1a16524b468f1ca57df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://r.mails.netmedia-europe.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 14400
age: 2212
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 70e574c1f9463a41-CDG
content-encoding: br
content-language: nl
content-type: text/html;charset=UTF-8
date: Fri, 20 May 2022 13:35:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Fri, 20 May 2022 12:58:40 GMT
pragma: cache
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 rum
sibautomation.com/cdn-cgi/ Frame C753 0
81 B 22ms
22ms XHR
text/plain 2606:4700:4400::6812:2291
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2291 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sibautomation.com/cm.html?id=1991754
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/json

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 70e574c19cfd0824-CDG
x-frame-options: DENY

POST rum
sibautomation.com/cdn-cgi/ Frame C753 0
0

GET
H2 200 home.min.js Show response
www.promobutler.be/js/ 353 KB
108 KB 75ms
73ms Script
application/javascript 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/js/home.min.js?v=0.0.1-20220502133151.7492e378

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3db776486256b70d4aa4620517b24098f860c6abe23c56246d6a855cb8772f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 184823
accept-language: bytes
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: cache
last-modified: Mon, 02 May 2022 12:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/javascript
access-control-allow-origin: *
vary: accept-encoding
cache-control: public, max-age=31622400
cf-ray: 70e574c25a093a41-CDG

GET
H2 200 home.min.css
www.promobutler.be/css/ 172 KB
24 KB 73ms
72ms Stylesheet
text/css 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/css/home.min.css?v=0.0.1-20220502133151.7492e378

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a9a039ab77617312dadc1937a111e74764430cf409455e88445a88e5b25eee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 184823
accept-language: bytes
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: cache
last-modified: Mon, 02 May 2022 12:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: text/css
access-control-allow-origin: *
vary: accept-encoding
cache-control: public, max-age=31622400
cf-ray: 70e574c25a0a3a41-CDG

GET
H2 200 Roboto-Regular.woff2
www.promobutler.be/css/ 63 KB
63 KB 73ms
72ms Font
application/font-woff2 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/css/Roboto-Regular.woff2

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Origin: https://www.promobutler.be
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 184895
accept-language: bytes
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64632
x-xss-protection: 1; mode=block
pragma: cache
last-modified: Mon, 02 May 2022 12:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 70e574c25a0b3a41-CDG

GET
H2 200 Roboto-Bold.woff2
www.promobutler.be/css/ 63 KB
63 KB 53ms
52ms Font
application/font-woff2 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/css/Roboto-Bold.woff2

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Origin: https://www.promobutler.be
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 184895
accept-language: bytes
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64740
x-xss-protection: 1; mode=block
pragma: cache
last-modified: Mon, 02 May 2022 12:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 70e574c25a0c3a41-CDG

GET
H2 200 Roboto-Light.woff2
www.promobutler.be/css/ 63 KB
63 KB 73ms
72ms Font
application/font-woff2 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/css/Roboto-Light.woff2

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Origin: https://www.promobutler.be
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 184895
accept-language: bytes
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64320
x-xss-protection: 1; mode=block
pragma: cache
last-modified: Mon, 02 May 2022 12:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 70e574c25a0f3a41-CDG

GET
H2 200 Roboto-Medium.woff2
www.promobutler.be/css/ 64 KB
64 KB 73ms
73ms Font
application/font-woff2 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/css/Roboto-Medium.woff2

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Origin: https://www.promobutler.be
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 184895
accept-language: bytes
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65484
x-xss-protection: 1; mode=block
pragma: cache
last-modified: Mon, 02 May 2022 12:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 70e574c26a103a41-CDG

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 72ms
71ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.promobutler.be/
Origin: https://www.promobutler.be
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 70e574c2fe47405b-CDG

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
57 KB 101ms
40ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDZL236

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13211652326034ad756d3cd7f6f8eaf3ded9783e946012ed149402b861b4f797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58312
x-xss-protection: 0
last-modified: Fri, 20 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 May 2022 13:35:32 GMT

GET
H3 200 icomoon.ttf
www.promobutler.be/css/ 10 KB
10 KB 53ms
53ms Font
application/x-font-ttf 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/css/icomoon.ttf

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/css/home.min.css?v=0.0.1-20220502133151.7492e378

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bccbb75744006b250315fc2ff9932b47257c1dbe652103d02db8a075ef6ff51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.promobutler.be/css/home.min.css?v=0.0.1-20220502133151.7492e378
Origin: https://www.promobutler.be
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 184894
accept-language: bytes
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10260
x-xss-protection: 1; mode=block
pragma: cache
last-modified: Mon, 02 May 2022 12:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/x-font-ttf
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 70e574c31efd0863-CDG

GET
H2 200 icon_close.svg
img.folders.eu/live/promobutler/assets/v2/icons/ 1 KB
2 KB 160ms
94ms Image
image/avif 2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/assets/v2/icons/icon_close.svg

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/css/home.min.css?v=0.0.1-20220502133151.7492e378

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e868cc56761865d432435d19cb303aeee2a7d8a1a97d2d1fec584edb2a4cd3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: HIT, HIT
x-gumlet-runtime: 0.043
strict-transport-security: max-age=15552000; preload
x-served-by: cache-hhn4081-HHN, cache-cdg20731-CDG
x-gumlet-reqid: 62727485e851db901e82b0c4
server: cloudflare
x-timer: S1653053733.570473,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
cf-ray: 70e574c42d650897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 1, 2

GET
H3 404 user Show response
www.promobutler.be/ 0
280 B 65ms
64ms Fetch 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/user

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/js/home.min.js?v=0.0.1-20220502133151.7492e378

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 13:35:32 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-max-age: 0
cache-control: private, max-age=0, no-cache
strict-transport-security: max-age=15552000; preload
cf-ray: 70e574c428f50863-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 i18n Show response
www.promobutler.be/ 68 KB
22 KB 179ms
179ms Fetch
application/json 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/i18n

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/js/home.min.js?v=0.0.1-20220502133151.7492e378

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd81dead059331b33d3a274f37d005d900d8106964ce44c9e469190a30b84de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 13:35:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 0
cache-control: private, max-age=0, no-cache
strict-transport-security: max-age=15552000; preload
cf-ray: 70e574c428f60863-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-railgun: direct (starting new WAN connection)

GET
H2

200

bizz_2270878.pdf
img.folders.eu/live/publsh/bizz/227/08/78/
Redirect Chain

https://publish.folders.eu/publication/2270878/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/227/08/78/bizz_2270878.pdf?v=2&fm=auto&page=1&w=400

37 KB
37 KB

70ms
70ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/227/08/78/bizz_2270878.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aaec851e35a13ced0aef0933b8596df0e0267606501d77f01b45feadb449a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT
x-gumlet-runtime: 3.28
strict-transport-security: max-age=15552000; preload
content-length: 37528
x-served-by: cache-hhn4057-HHN, cache-cdg20758-CDG
x-gumlet-reqid: 62819a912e5d5794de50ac0a
server: cloudflare
x-timer: S1653053733.766625,VS0,VE1
etag: 627179ba433a84d4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ff20897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/227/08/78/bizz_2270878.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c47e1c0897-CDG

GET
H2

200

bizz_2269867.pdf
img.folders.eu/live/publsh/bizz/226/98/67/
Redirect Chain

https://publish.folders.eu/publication/2269867/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/226/98/67/bizz_2269867.pdf?v=2&fm=auto&page=1&w=400

37 KB
37 KB

70ms
70ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/226/98/67/bizz_2269867.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4959c86eccfed409e99b69742d6c7b8954e2b3b875cf3332a9b6910e29c87a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: HIT, HIT
x-gumlet-runtime: 1.319
strict-transport-security: max-age=15552000; preload
content-length: 38123
x-served-by: cache-hhn11578-HHN, cache-cdg20766-CDG
x-gumlet-reqid: 62843ff0079236fc74f8a4c0
server: cloudflare
x-timer: S1653053733.771043,VS0,VE1
etag: 47e2d0edd7a36dab
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59fef0897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 1, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/226/98/67/bizz_2269867.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c47e170897-CDG

GET
H2 200 seats-and-sofas-royal-hoeksalon-84294.png
img.folders.eu/live/promobutler/articles/2022/4/11/feeds/ 5 KB
5 KB 86ms
85ms Image
image/webp 2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/articles/2022/4/11/feeds/seats-and-sofas-royal-hoeksalon-84294.png?w=200&h=200&fm=auto

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9ae8bfdff7a1b4ab02d3de8ae10f49b8d1c465e89b92439f2a112f109673c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT
x-gumlet-runtime: 0.263
strict-transport-security: max-age=15552000; preload
content-length: 4706
x-served-by: cache-hhn4053-HHN, cache-cdg20720-CDG
x-gumlet-reqid: 6273b5e4467683e69e44acba
server: cloudflare
x-timer: S1653053733.598291,VS0,VE1
etag: 1623d0d877fa4ec8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c46df00897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1

GET
H2 200 muur-en-plafondverf--14770690.jpg
img.folders.eu/live/promobutler/articles/2022/05/17/147706/ 3 KB
3 KB 93ms
93ms Image
image/avif 2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/articles/2022/05/17/147706/muur-en-plafondverf--14770690.jpg?w=200&h=200&fm=auto

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea9e6fbd32e00312d331a9361cf174f9863b15513271d3913383895d760068e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-reqid: 6284522e9f1c4e43536e8677
x-cache: MISS, HIT
x-gumlet-runtime: 0.314
strict-transport-security: max-age=15552000; preload
content-length: 2843
x-served-by: cache-hhn11531-HHN, cache-cdg20728-CDG
server: cloudflare
x-timer: S1653053733.606478,VS0,VE1
etag: 29756695d9b9080
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c46e110897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1

GET
H2

200

bizz_2269882.pdf
img.folders.eu/live/publsh/bizz/226/98/82/
Redirect Chain

https://publish.folders.eu/publication/2269882/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/226/98/82/bizz_2269882.pdf?v=7&fm=auto&page=1&w=400

28 KB
28 KB

66ms
65ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/226/98/82/bizz_2269882.pdf?v=7&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d5cedd5bbb1a2462e165008fb1d0728b9fc054982511d5e84f64ad962ff186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT
x-gumlet-runtime: 2.088
strict-transport-security: max-age=15552000; preload
content-length: 28868
x-served-by: cache-hhn11581-HHN, cache-cdg20748-CDG
x-gumlet-reqid: 627b4eff601dbf37819e7315
server: cloudflare
x-timer: S1653053733.764034,VS0,VE1
etag: d60cf3ba8096b924
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ff80897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/226/98/82/bizz_2269882.pdf?v=7&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c47e1d0897-CDG

GET
H2

200

bizz_2270056_1.jpg
img.folders.eu/live/publsh/bizz/227/00/56/
Redirect Chain

https://publish.folders.eu/publication/2270056/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/227/00/56/bizz_2270056_1.jpg?fm=auto&w=400

44 KB
44 KB

65ms
65ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/227/00/56/bizz_2270056_1.jpg?fm=auto&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76bcfb86aaac515b02a5abc55c967e1967df9c70b6c93d58b491c44ed9312006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: HIT, HIT
x-gumlet-runtime: 1.653
strict-transport-security: max-age=15552000; preload
content-length: 44544
x-served-by: cache-hhn4045-HHN, cache-cdg20758-CDG
x-gumlet-reqid: 627b4ef5601dbf37819e7269
server: cloudflare
x-timer: S1653053733.768758,VS0,VE1
etag: aeb075d37a634461
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ffc0897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 1, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/227/00/56/bizz_2270056_1.jpg?fm=auto&w=400
cache-control: public
cf-ray: 70e574c48e2f0897-CDG

GET
H2

200

bizz_2270827.pdf
img.folders.eu/live/publsh/bizz/227/08/27/
Redirect Chain

https://publish.folders.eu/publication/2270827/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/227/08/27/bizz_2270827.pdf?v=2&fm=auto&page=1&w=400

27 KB
28 KB

88ms
88ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/227/08/27/bizz_2270827.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd8aebe78faeed87d2f19aa2be5ad604062f367f6a88db57d028ea159e4ccfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: HIT, HIT
x-gumlet-runtime: 2.48
strict-transport-security: max-age=15552000; preload
content-length: 28072
x-served-by: cache-hhn4050-HHN, cache-cdg20726-CDG
x-gumlet-reqid: 6281c52a4c1bb4780de27c51
server: cloudflare
x-timer: S1653053733.768840,VS0,VE1
etag: 807f455ce3ba59b3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ff30897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 1, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/227/08/27/bizz_2270827.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c47e160897-CDG

GET
H2 200 5-delige-set-classic-3--14770693.jpg
img.folders.eu/live/promobutler/articles/2022/05/17/147706/ 5 KB
5 KB 97ms
97ms Image
image/avif 2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/articles/2022/05/17/147706/5-delige-set-classic-3--14770693.jpg?w=200&h=200&fm=auto

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

051c06f555c7c3052b1a2d08dc8bf9a661464e25a4d0f71cc7145dcb35a2faa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-reqid: 6284522e0a503fb2188d408d
x-cache: MISS, HIT
x-gumlet-runtime: 0.222
strict-transport-security: max-age=15552000; preload
content-length: 5248
x-served-by: cache-hhn11524-HHN, cache-cdg20733-CDG
server: cloudflare
x-timer: S1653053733.597622,VS0,VE4
etag: 882670f738434992
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c46e120897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1

GET
H2 200 alpina-zitmaaier-rider-at2-66qa--14770696.jpg
img.folders.eu/live/promobutler/articles/2022/05/17/147706/ 7 KB
7 KB 72ms
72ms Image
image/avif 2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/articles/2022/05/17/147706/alpina-zitmaaier-rider-at2-66qa--14770696.jpg?w=200&h=200&fm=auto

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5e2157646105043e22beb6bdbb6b268797d05fc303d3f84a6322857e510fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-reqid: 6284522e74928e1f94088608
x-cache: MISS, HIT
x-gumlet-runtime: 0.277
strict-transport-security: max-age=15552000; preload
content-length: 7191
x-served-by: cache-hhn4074-HHN, cache-cdg20734-CDG
server: cloudflare
x-timer: S1653053733.588537,VS0,VE0
etag: 1998ab4c80c1c4cc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c46e130897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 2

GET
H2

200

bizz_2270752.pdf
img.folders.eu/live/publsh/bizz/227/07/52/
Redirect Chain

https://publish.folders.eu/publication/2270752/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/227/07/52/bizz_2270752.pdf?v=2&fm=auto&page=1&w=400

33 KB
33 KB

48ms
48ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/227/07/52/bizz_2270752.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f2d1d3af80abd999b7190f4afe50d1cae648451b718414b41597e1668f0fb8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT
x-gumlet-runtime: 1.109
strict-transport-security: max-age=15552000; preload
content-length: 34050
x-served-by: cache-hhn11564-HHN, cache-cdg20758-CDG
x-gumlet-reqid: 6280429e2e5d5794de421c9f
server: cloudflare
x-timer: S1653053733.755993,VS0,VE0
etag: 3c7407671f31c832
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ff50897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 667

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/227/07/52/bizz_2270752.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c47e1a0897-CDG

GET
H2

200

bizz_2270632.pdf
img.folders.eu/live/publsh/bizz/227/06/32/
Redirect Chain

https://publish.folders.eu/publication/2270632/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/227/06/32/bizz_2270632.pdf?v=2&fm=auto&page=1&w=400

29 KB
29 KB

65ms
65ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/227/06/32/bizz_2270632.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac71f879df47bff42fd3a509bd462ec75ab49678a54f4d37b3b85ec26070625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT
x-gumlet-runtime: 2.379
strict-transport-security: max-age=15552000; preload
content-length: 29922
x-served-by: cache-hhn4070-HHN, cache-cdg20723-CDG
x-gumlet-reqid: 627b4e26b0012f207c8693bf
server: cloudflare
x-timer: S1653053733.763155,VS0,VE1
etag: 2d6925f84250dc79
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ffb0897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/227/06/32/bizz_2270632.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c49e570897-CDG

GET
H2

200

bizz_2270617.pdf
img.folders.eu/live/publsh/bizz/227/06/17/
Redirect Chain

https://publish.folders.eu/publication/2270617/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/227/06/17/bizz_2270617.pdf?v=2&fm=auto&page=1&w=400

35 KB
36 KB

93ms
93ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/227/06/17/bizz_2270617.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69301d019766c3228e6ee913ad4c8bf38826f3c8cd5e383485f834ea44046765

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT, HIT
x-gumlet-runtime: 3.14
strict-transport-security: max-age=15552000; preload
content-length: 36324
x-served-by: cache-pao17464-PAO, cache-hhn4039-HHN, cache-cdg20725-CDG
x-gumlet-reqid: 6282eff1adbc484dabcafcfd
server: cloudflare
x-timer: S1653053733.757430,VS0,VE0
etag: 8f80d765e957e1e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ff10897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1, 2

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/227/06/17/bizz_2270617.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c49e580897-CDG

GET
H2

200

bizz_2270740.pdf
img.folders.eu/live/publsh/bizz/227/07/40/
Redirect Chain

https://publish.folders.eu/publication/2270740/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/227/07/40/bizz_2270740.pdf?v=2&fm=auto&page=1&w=400

37 KB
38 KB

73ms
73ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/227/07/40/bizz_2270740.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c9f772a66e58141a41e51d577215c00590baed7404c0e571f1ec98968f83317

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT
x-gumlet-runtime: 2.178
strict-transport-security: max-age=15552000; preload
content-length: 38397
x-served-by: cache-hhn11536-HHN, cache-cdg20770-CDG
x-gumlet-reqid: 627b4ef5cfd3850142b287a2
server: cloudflare
x-timer: S1653053733.745436,VS0,VE2
etag: 31a5951fd841d79e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c56fa80897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/227/07/40/bizz_2270740.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c49e590897-CDG

GET
H2

200

bizz_2270200.pdf
img.folders.eu/live/publsh/bizz/227/02/00/
Redirect Chain

https://publish.folders.eu/publication/2270200/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/227/02/00/bizz_2270200.pdf?v=2&fm=auto&page=1&w=400

21 KB
21 KB

68ms
68ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/227/02/00/bizz_2270200.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c1404bf42cbc72c8512ee89ce921c36b819b8935e97f24ffd66404de626f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT
x-gumlet-runtime: 5.752
strict-transport-security: max-age=15552000; preload
content-length: 21303
x-served-by: cache-hhn4021-HHN, cache-cdg20774-CDG
x-gumlet-reqid: 627b4ef5b0012f207c869bd5
server: cloudflare
x-timer: S1653053733.760926,VS0,VE1
etag: 425b0706504b6b6b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ff00897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/227/02/00/bizz_2270200.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c49e520897-CDG

GET
H2

200

bizz_2269294.pdf
img.folders.eu/live/publsh/bizz/226/92/94/
Redirect Chain

https://publish.folders.eu/publication/2269294/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/226/92/94/bizz_2269294.pdf?v=2&fm=auto&page=1&w=400

39 KB
40 KB

86ms
85ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/226/92/94/bizz_2269294.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c671f5d459c10bf4483a4489cbf712d61b7fd1bafc064519b6355ed24e354fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: HIT, HIT
x-gumlet-runtime: 1.778
strict-transport-security: max-age=15552000; preload
content-length: 40257
x-served-by: cache-hhn4033-HHN, cache-cdg20749-CDG
x-gumlet-reqid: 627b4efe601dbf37819e72f0
server: cloudflare
x-timer: S1653053733.783169,VS0,VE2
etag: 6c96d290516e7a14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ffa0897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 1, 1

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/226/92/94/bizz_2269294.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c49e550897-CDG

GET
H2

200

bizz_2269378.pdf
img.folders.eu/live/publsh/bizz/226/93/78/
Redirect Chain

https://publish.folders.eu/publication/2269378/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/226/93/78/bizz_2269378.pdf?v=2&fm=auto&page=1&w=400

48 KB
48 KB

65ms
65ms

Image
image/avif

2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/226/93/78/bizz_2269378.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b33fb912013b9f32116b80485b952a56e9668237581924ed99ea06b76feee3a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-oc: HIT
x-cache: MISS, HIT
x-gumlet-runtime: 3.683
strict-transport-security: max-age=15552000; preload
content-length: 49273
x-served-by: cache-hhn4062-HHN, cache-cdg20733-CDG
x-gumlet-reqid: 627da092b225ef80a70ca131
server: cloudflare
x-timer: S1653053733.765665,VS0,VE0
etag: e8e73ccf3555e18b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 70e574c59ff60897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 4

Redirect headers

pragma: cache
date: Fri, 20 May 2022 13:35:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/226/93/78/bizz_2269378.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 70e574c49e4f0897-CDG

GET
H2 200 logo_promobutler.be.png
img.folders.eu/live/promobutler/assets/ 5 KB
5 KB 68ms
68ms Image
image/webp 2606:4700:10::ac43:14cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/assets/logo_promobutler.be.png?w=300

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd04bcaa77c92d890c14590836a771ae0d45f185acba8bcbcb878a5da32214d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 varnish, 1.1 varnish
vary: accept, Accept-Encoding
cf-cache-status: MISS
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-reqid: 628303f674928e1f94f95d86
x-cache: HIT, HIT
x-gumlet-runtime: 0.254
strict-transport-security: max-age=15552000; preload
content-length: 4812
x-served-by: cache-hhn4043-HHN, cache-cdg20765-CDG
server: cloudflare
x-timer: S1653053733.581717,VS0,VE0
etag: 21b6fa233c594d7e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
accept-ranges: bytes
cf-ray: 70e574c47e150897-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 1, 342

GET
H2 200 85e050898a481a61bd7cb4132a4d0485.js Show response
cdn.cookie-script.com/s/ 179 KB
33 KB 88ms
26ms Script
application/javascript 65.108.188.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/85e050898a481a61bd7cb4132a4d0485.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZL236
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.108.188.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.188.108.65.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1e7bdde39e2b607ff498d8adecf6e45e15112d72258072b027fcbad4660378ad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 14:27:19 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"e7177478fdd65305b31a86907d479007"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
25ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZL236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 46
date: Fri, 20 May 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 20 May 2022 15:34:46 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 80ms
23ms Script
application/javascript 108.138.17.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: r.mails.netmedia-europe.be
URL: http://r.mails.netmedia-europe.be/mk/cl/f/3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe1JnJUWy5S_syGNIImwKg6d9xF9hg_kLZmS0xIZb99sUTdzAXENZdNVTQc5bvR7hYAdcAWjQzhi6fCZ-shtZlcX6UnE_i8UkbT97JTLLfEbYg8iYdMRNncU5R2lqeii5J_fU-Udjww4P6VeHA61iXbnZ8pscmD1vqBKuD-y_GR0Dv-FlCV7eM_mTaEoOucUzL-kykSC_yfVnd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-91.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6062192
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P7
X-Amz-Cf-Id: 1TDh6fCXNRsJHXRI5t7esxP0rZhsisL4PVQHtyuWwC2_hHr6LkxlHQ==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 84ms
33ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: r.mails.netmedia-europe.be
URL: http://r.mails.netmedia-europe.be/mk/cl/f/3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe1JnJUWy5S_syGNIImwKg6d9xF9hg_kLZmS0xIZb99sUTdzAXENZdNVTQc5bvR7hYAdcAWjQzhi6fCZ-shtZlcX6UnE_i8UkbT97JTLLfEbYg8iYdMRNncU5R2lqeii5J_fU-Udjww4P6VeHA61iXbnZ8pscmD1vqBKuD-y_GR0Dv-FlCV7eM_mTaEoOucUzL-kykSC_yfVnd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 70e574c4dc9f99fd-CDG
date: Fri, 20 May 2022 13:35:32 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1848
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 May 2022 13:35:32 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 83ms
23ms Script
application/javascript 99.86.7.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: r.mails.netmedia-europe.be
URL: http://r.mails.netmedia-europe.be/mk/cl/f/3rIsEHq1TBrCn_ppbpBEU2F5YEClAbO4JE1YcH4K72QGQmKDc5LTX9Gu5lY1tDv1ksHe1JnJUWy5S_syGNIImwKg6d9xF9hg_kLZmS0xIZb99sUTdzAXENZdNVTQc5bvR7hYAdcAWjQzhi6fCZ-shtZlcX6UnE_i8UkbT97JTLLfEbYg8iYdMRNncU5R2lqeii5J_fU-Udjww4P6VeHA61iXbnZ8pscmD1vqBKuD-y_GR0Dv-FlCV7eM_mTaEoOucUzL-kykSC_yfVnd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-18.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6062191
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: lKKA1DkaNjNM9OuWfGuybpwribrFXinyg0L6oOAeXmuyXgmiWsAfTg==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 415ms
125ms Image
image/gif 13.226.184.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&time=1653053732633&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&host_url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&random_number=9214775600&sess_cookie=f330581b180e1ae3718889f49c8&sess_cookie_flag=1&user_cookie=f330581b180e1ae3718889f49c8&user_cookie_flag=1&dynamic=true&domain=promobutler.be&account=uRpxu1DTcA20Ug&jsv=20130128&user_lang=en-US
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.184.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-184-44.dfw55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 18:01:11 GMT
Via: 1.1 d9ff21e1828dd64d346a1cb776acc486.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 70462
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DFW55-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: RgrYze8BBseArpTECzxTwELWh9lAXzGefwIAhV31TB1v3oH2G3HIag==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 398ms
105ms Image
text/plain 2600:1f16:bc:1201:d9c:1188:e629:5a34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:bc:1201:d9c:1188:e629:5a34 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
server: Server

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 316ms
33ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:32 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1101
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 70e574c6dad83acb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 May 2022 13:35:32 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 82ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=pageview&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-1&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&z=1142904064

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 81ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B43%2C%2044%2C%2062%2C%2089%2C%2090%2C%2091%2C%20106%5D%22%2C%22folder_id%22%3A%22144508%22%2C%22folder_name%22%3A%22jambooty_2270056%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=4704&cd4=nl&cd6=144508&cd7=false&z=852483298

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 81ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B32%2C%2039%2C%2041%2C%2048%5D%22%2C%22folder_id%22%3A%22144820%22%2C%22folder_name%22%3A%22jambooty_2270878%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%22939%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=939&cd4=nl&cd6=144820&cd7=false&z=1621299034

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 82ms
30ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B41%2C%2043%2C%2048%2C%2064%2C%2069%2C%2088%2C%2094%5D%22%2C%22folder_id%22%3A%22144811%22%2C%22folder_name%22%3A%22jambooty_2270827%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%222012%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=2012&cd4=nl&cd6=144811&cd7=false&z=136728794

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 77ms
26ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B39%2C%2045%2C%2074%2C%2090%2C%2091%2C%20105%2C%20106%5D%22%2C%22folder_id%22%3A%22144772%22%2C%22folder_name%22%3A%22jambooty_2270752%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224498%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=4498&cd4=nl&cd6=144772&cd7=false&z=1144778697

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 79ms
28ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B39%2C%2045%2C%2074%2C%2090%2C%2091%2C%20105%2C%20106%5D%22%2C%22folder_id%22%3A%22144436%22%2C%22folder_name%22%3A%22jambooty_2269867%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224497%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=4497&cd4=nl&cd6=144436&cd7=false&z=757877261

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 80ms
28ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B21%2C%2045%2C%2086%5D%22%2C%22folder_id%22%3A%22144433%22%2C%22folder_name%22%3A%22jambooty_2269882%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%225114%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=5114&cd4=nl&cd6=144433&cd7=false&z=1869570576

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 81ms
30ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B43%2C%2045%2C%2047%2C%2048%2C%2062%5D%22%2C%22folder_id%22%3A%22144154%22%2C%22folder_name%22%3A%22jambooty_2269294%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224508%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=4508&cd4=nl&cd6=144154&cd7=false&z=2138830735

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 82ms
30ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B74%2C%2091%2C%20105%5D%22%2C%22folder_id%22%3A%22144190%22%2C%22folder_name%22%3A%22jambooty_2269378%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224692%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=4692&cd4=nl&cd6=144190&cd7=false&z=516094048

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 83ms
32ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B41%2C%2043%2C%2064%2C%2089%2C%2094%5D%22%2C%22folder_id%22%3A%22144769%22%2C%22folder_name%22%3A%22jambooty_2270740%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%225085%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=5085&cd4=nl&cd6=144769&cd7=false&z=1092515663

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 83ms
32ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B43%2C%2069%2C%2089%5D%22%2C%22folder_id%22%3A%22144580%22%2C%22folder_name%22%3A%22jambooty_2270200%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%225095%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=5095&cd4=nl&cd6=144580&cd7=false&z=1128750930

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 83ms
32ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B41%2C%2043%2C%2048%2C%2064%2C%2069%2C%2088%2C%2094%5D%22%2C%22folder_id%22%3A%22144736%22%2C%22folder_name%22%3A%22jambooty_2270632%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%2295%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=95&cd4=nl&cd6=144736&cd7=false&z=451589650

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 83ms
32ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=533192772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F%3Fkm_pb_email%3Dcarl_vermeiren%40hotmail.com&dr=http%3A%2F%2Fr.mails.netmedia-europe.be%2F&ul=en-us&de=UTF-8&dt=Alle%20nieuwe%20folders%20en%20promoties%20deze%20week%20vind%20je%20op%20PromoButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B32%2C%2041%2C%2048%2C%2064%2C%2075%2C%2094%5D%22%2C%22folder_id%22%3A%22144724%22%2C%22folder_name%22%3A%22jambooty_2270617%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%22291%22%7D&_u=YEDAAEABAAAAI~&cid=1235037802.1653053733&tid=UA-2482376-11&_gid=1951187675.1653053733&gtm=2wg5b0NDZL236&gcs=G101&cd1=291&cd4=nl&cd6=144724&cd7=false&z=2126116164

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/5f14bf2d-fb70-4a75-b8ce-ca6bc398ec81/ 4 KB
2 KB 44ms
34ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/5f14bf2d-fb70-4a75-b8ce-ca6bc398ec81/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbef90ccfaa61b3cdd3a7704c202ef7f98bd49c8d1f54e41b7fb984c38cd4301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1539
cf-polished: origSize=4480
status: 200 OK
x-envoy-upstream-service-time: 26
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: dcf0f621-79ce-4da9-b96c-7cc7681ed31b
x-runtime: 0.024859
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"dabc49a19d6a4bb0589eee3def16eec1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 70e574c7797b99fd-CDG
access-control-allow-headers: SDK-Version
expires: Fri, 20 May 2022 14:35:33 GMT

POST
H3 200 rum Show response
www.promobutler.be/cdn-cgi/ 0
168 B 26ms
23ms XHR
text/plain 2606:4700:10::6816:468a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:468a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.promobutler.be/nl/?km_pb_email=carl_vermeiren@hotmail.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/json

Response headers

date: Fri, 20 May 2022 13:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.promobutler.be
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 70e574c7fe3b0863-CDG
vary: Origin

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 42ms
42ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 70e574c80ca73acb-CDG
date: Fri, 20 May 2022 13:35:33 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1838
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 19 Jun 2022 13:35:33 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/5f14bf2d-fb70-4a75-b8ce-ca6bc398ec81/ 176 B
619 B 66ms
41ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/5f14bf2d-fb70-4a75-b8ce-ca6bc398ec81/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbe1d6f8f4ebae58dd2f8d6ba787ee5c3b4a4d15e01c8e213ae765349d4ffa9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 9
status: 200 OK
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9a8e043f-be23-49cc-a819-6e0785947425
x-runtime: 0.005815
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"bbe1d6f8f4ebae58dd2f8d6ba787ee5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 70e574c88802085b-CDG
access-control-allow-headers: SDK-Version

GET
H2 200 be5e2fda-d852-4a9f-a446-b88b0277e3d8.png
img.onesignal.com/t/ 16 KB
16 KB 50ms
40ms Image
image/png 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/t/be5e2fda-d852-4a9f-a446-b88b0277e3d8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df5f4a1af30176d4ff660df794ebea661cd3a8b49cfc49eeeb51f4d4a4b44d42

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:35:33 GMT
cf-cache-status: HIT
age: 1502
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16239
x-amz-id-2: QvsHapQvQqe5r6C9tag+b7N30DmkJobuDCO8XbZ1BeH8vsKqYHPnS+gfcwwKoY7ad5ocD1MNrd4=
last-modified: Thu, 20 Dec 2018 13:18:32 GMT
server: cloudflare
etag: "041c8bcb6b783e3df28c003ea0690a3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4CF8FKF0XP59N6FG
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 70e574c8fc4f99fd-CDG
expires: Mon, 20 Jun 2022 13:35:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sibautomation.com
URL: https://sibautomation.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sibautomation.com/	1970-01-20 07:32:11	Name: uuid Value: 827b934a-e13c-49e2-86b0-203232108935
			www.promobutler.be/	1970-01-20 03:54:05	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"}}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.promobutler.be/user Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookie-script.com
cdn.onesignal.com
certify-js.alexametrics.com
certify.alexametrics.com
d31qbv1cthcecs.cloudfront.net
img.folders.eu
img.onesignal.com
in-automate.sendinblue.com
onesignal.com
publish.folders.eu
r.mails.netmedia-europe.be
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
sibautomation.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
www.promobutler.be
sibautomation.com
108.138.17.91
13.226.184.44
185.107.232.127
2600:1f16:bc:1201:d9c:1188:e629:5a34
2606:4700:10::6816:468a
2606:4700:10::ac43:14cc
2606:4700:4400::6812:2291
2606:4700:440e::6812:2fe6
2606:4700::6811:90c
2606:4700::6812:e134
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2008
65.108.188.9
99.86.7.18
051c06f555c7c3052b1a2d08dc8bf9a661464e25a4d0f71cc7145dcb35a2faa9
13211652326034ad756d3cd7f6f8eaf3ded9783e946012ed149402b861b4f797
1aaec851e35a13ced0aef0933b8596df0e0267606501d77f01b45feadb449a85
1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591
1d9ae8bfdff7a1b4ab02d3de8ae10f49b8d1c465e89b92439f2a112f109673c5
1e7bdde39e2b607ff498d8adecf6e45e15112d72258072b027fcbad4660378ad
20524d46d927365e4e8d90c49f7e82dc76ccfe262775e916a3d9405cf0763ae7
227ad732a23de06f1192f9ace4e88c066abec02e46e7e1a16524b468f1ca57df
3ac71f879df47bff42fd3a509bd462ec75ab49678a54f4d37b3b85ec26070625
3ea9e6fbd32e00312d331a9361cf174f9863b15513271d3913383895d760068e
4249ad4a466f34933df58a1c652045152364505a394e3e1f62e802dab64bd918
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
4959c86eccfed409e99b69742d6c7b8954e2b3b875cf3332a9b6910e29c87a4f
5a9a039ab77617312dadc1937a111e74764430cf409455e88445a88e5b25eee3
5c671f5d459c10bf4483a4489cbf712d61b7fd1bafc064519b6355ed24e354fb
5c9f772a66e58141a41e51d577215c00590baed7404c0e571f1ec98968f83317
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
69301d019766c3228e6ee913ad4c8bf38826f3c8cd5e383485f834ea44046765
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
76bcfb86aaac515b02a5abc55c967e1967df9c70b6c93d58b491c44ed9312006
7d5cedd5bbb1a2462e165008fb1d0728b9fc054982511d5e84f64ad962ff186c
7e5e2157646105043e22beb6bdbb6b268797d05fc303d3f84a6322857e510fb2
7f2d1d3af80abd999b7190f4afe50d1cae648451b718414b41597e1668f0fb8b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b33fb912013b9f32116b80485b952a56e9668237581924ed99ea06b76feee3a1
bbe1d6f8f4ebae58dd2f8d6ba787ee5c3b4a4d15e01c8e213ae765349d4ffa9a
bccbb75744006b250315fc2ff9932b47257c1dbe652103d02db8a075ef6ff51e
bd8aebe78faeed87d2f19aa2be5ad604062f367f6a88db57d028ea159e4ccfc7
cbef90ccfaa61b3cdd3a7704c202ef7f98bd49c8d1f54e41b7fb984c38cd4301
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd81dead059331b33d3a274f37d005d900d8106964ce44c9e469190a30b84de1
df5f4a1af30176d4ff660df794ebea661cd3a8b49cfc49eeeb51f4d4a4b44d42
e1c1404bf42cbc72c8512ee89ce921c36b819b8935e97f24ffd66404de626f64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db776486256b70d4aa4620517b24098f860c6abe23c56246d6a855cb8772f4
e868cc56761865d432435d19cb303aeee2a7d8a1a97d2d1fec584edb2a4cd3e9
ebd04bcaa77c92d890c14590836a771ae0d45f185acba8bcbcb878a5da32214d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.promobutler.be Open in urlscan Pro 2606:4700:10::6816:468a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

77 %HTTPS

64 %IPv6

13 Domains

17 Subdomains

15 IPs

4 Countries

1109 kBTransfer

2246 kBSize

2 Cookies

15 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.promobutler.be Open in urlscan Pro
2606:4700:10::6816:468a Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

77 %
HTTPS

64 %
IPv6

13
Domains

17
Subdomains

15
IPs

4
Countries

1109 kB
Transfer

2246 kB
Size

2
Cookies

62 HTTP transactions
0 data transactions