www.promobutler.be Open in urlscan Pro
2606:4700:10::6816:478a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.promobutler.be/
Effective URL:
https://www.promobutler.be/nl/
Submission: On February 28 via api (February 28th 2021, 9:22:18 pm UTC) from US

Summary HTTP 140 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 20 domains to perform 140 HTTP transactions. The main IP is 2606:4700:10::6816:478a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.promobutler.be.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.

This is the only time www.promobutler.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	2606:4700:10:... 2606:4700:10::6816:478a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.24.22 13.32.24.22	16509 (AMAZON-02) (AMAZON-02)
1	89.187.169.26 89.187.169.26	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.3.74 99.86.3.74	16509 (AMAZON-02) (AMAZON-02)
21	2600:9000:215... 2600:9000:2156:e000:1e:2c34:5d40:93a1	16509 (AMAZON-02) (AMAZON-02)
15 15	2606:4700:10:... 2606:4700:10::6816:32cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	99.86.3.55 99.86.3.55	16509 (AMAZON-02) (AMAZON-02)
1 7	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	62.113.194.2 62.113.194.2	47447 (TTM) (TTM)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
12	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	34.226.117.90 34.226.117.90	14618 (AMAZON-AES) (AMAZON-AES)
2 4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1	88.99.69.161 88.99.69.161	24940 (HETZNER-AS) (HETZNER-AS)
140	32

12 2606:4700:10::6816:478a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.promobutler.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.24.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-22.fra56.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.26 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-26.cdn77.com

widgets.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-74.fra6.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2156:e000:1e:2c34:5d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.folders.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:32cf (United States) 15 redirects

ASN13335 (CLOUDFLARENET, US)

publish.folders.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.folders.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-55.fra6.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.113.194.2 (Berlin, Germany)

ASN47447 (TTM, DE)
PTR: edge-509.b-cdn.net

st.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.117.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-117-90.compute-1.amazonaws.com

app.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.149 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	folders.eu 15 redirects img.folders.eu publish.folders.eu images.folders.eu	704 KB
31	googlesyndication.com pagead2.googlesyndication.com be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com tpc.googlesyndication.com	194 KB
20	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	160 KB
15	google-analytics.com www.google-analytics.com	20 KB
12	promobutler.be 1 redirects www.promobutler.be	429 KB
8	google.com 1 redirects www.google.com adservice.google.com	1 KB
7	googletagservices.com www.googletagservices.com	211 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900025.redintelligence.net	9 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	ampproject.org cdn.ampproject.org	99 KB
5	getsitecontrol.com widgets.getsitecontrol.com st.getsitecontrol.com media.getsitecontrol.com app.getsitecontrol.com	1003 KB
4	google.de www.google.de adservice.google.de	1 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
1	contentspread.net cdn.contentspread.net	44 KB
1	googleapis.com fonts.googleapis.com	681 B
1	2mdn.net s0.2mdn.net	56 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
140	20

	Domain	Requested by
21	img.folders.eu	www.promobutler.be
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.promobutler.be tpc.googlesyndication.com be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net
15	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.promobutler.be
13	pagead2.googlesyndication.com	www.promobutler.be securepubads.g.doubleclick.net be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	publish.folders.eu	12 redirects
12	www.promobutler.be	1 redirects www.promobutler.be
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.promobutler.be
7	www.googletagservices.com	www.promobutler.be securepubads.g.doubleclick.net be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
7	www.google.com	1 redirects www.promobutler.be securepubads.g.doubleclick.net be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	hal900025.redintelligence.net	1 redirects be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com hal900025.redintelligence.net
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com www.promobutler.be
3	images.folders.eu	3 redirects
3	www.google.de	www.promobutler.be
3	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	media.getsitecontrol.com	www.promobutler.be st.getsitecontrol.com
1	cdn.contentspread.net	hal900025.redintelligence.net
1	hal9000.redintelligence.net	be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	securepubads.g.doubleclick.net
1	googleads4.g.doubleclick.net	www.promobutler.be
1	app.getsitecontrol.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	st.getsitecontrol.com	widgets.getsitecontrol.com
1	certify.alexametrics.com	www.promobutler.be
1	certify-js.alexametrics.com	www.promobutler.be
1	cdn.onesignal.com	www.promobutler.be
1	widgets.getsitecontrol.com	www.promobutler.be
1	d31qbv1cthcecs.cloudfront.net	www.promobutler.be
1	www.googletagmanager.com	www.promobutler.be
140	35

This site contains links to these domains. Also see Links.

Domain
www.acties.be
www.promobutler.foundation
magazines.promobutler.be
publish.folders.eu
itunes.apple.com
play.google.com
www.facebook.com
instagram.com
www.linkedin.com
www.pinterest.com
www.folders.eu
www.promobutler.nl
www.promoties.be
www.netmedia-europe.be

Subject Issuer	Validity	Valid
promobutler.be Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
img.folders.eu Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
redintelligence.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
contentspread.net R3	`2021-02-01` - `2021-05-02`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.promobutler.be/nl/
Frame ID: A0F2C49F92A5702EE8FDBB19F0B5E595
Requests: 78 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-9t4EokHOFixrsB_9NInmC17XuW5oJC8dOyXXj6n-bcz-YLqk0QhvTeeg1NO7Iq9RsaOyhRV8NgH02ssc3WJuH_TcpEucdyAzRgMcj_yQ8b4Fdf2gOgBJKKwZSUI1yarrJyt8JqgP0AVA0mIZxn1xtRxpgQZ3hbf3DkyHU_MsdaZmQ-hYHqCRYppfycMnWJDRtMurakhRjVbYOpoULyAQppv1Yg0G8byjrdUDfK6RrJalRSlRaAPTCrkVxeueaLMRMLsPlkdUUf_nTPFf2jv1JPmK8ByjBUCfPcOeKH7l8bnXz619cHRf4JVsP2o&sai=AMfl-YTr40h_4OWltpXvfo1ddcJCG3dTLGN3z7MiSFfWLGYYGP3QqZTatMzAgdp4fktpuOaUL67l7owEnj6RX54Y-vgVHJFoxH9Ba9jWCHQTLtncN_LYw63MsUmrkhY71leN&sig=Cg0ArKJSzCDuROXdadWIEAE&adurl=
Frame ID: ECE3DEB1EBD8A0A33659DD5DCDE06A4E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQtrW46Ho8VntJnoefpS2R64Y3HGaB6tSSEArPKdt1uKWolNpMftdVIskBIc76ukSf15jLJf_SaARpTyLV17IJCTe_l6XyIxXje7c7AQYSZErfbEEEHazmpqSvjizwLf-SJK2LL-z3jhQsN21p2QaiKEAfoODOKRJmptTRFRJl2LMArKpY8uJR4ebHWroOFHWJFUelhFcV_RfaHBHlU5aJJKXs5G9NOST9MZoIl_eI90kyQE3B-i41PpF9rKvIBzaMNq7UJjZ6f-0_sFPt_JhtX0WT3J02fq3xkL_MV-9RowUYhWpj9rt2DsAkVGs&sai=AMfl-YQMQCAxX0DTTG58qGdhtQ-gKpkiL-bWC5RVA4Wu4YqDfERaneCtl-kjS8O-PThqIH9_-Hta_tZNZYYBFCKghC05fDYrzCnUBDdIgBtF3OqOUMnDiZ35X2vlB6yv48WJ&sig=Cg0ArKJSzAEbEkEyp9caEAE&adurl=
Frame ID: 3AA0CA7623C8F988461D4863E4C32AFA
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXNv2kAwOGIebAl0WxyBc2ptWjl1D0fS1cUivSXExI9Efjl0nBVuG72UH7HU-7_RAfKsVSMVQLe3TKWMTnhTYNm12MazOJZA9Minvp4qngX-RMEYXxtOsks8mp7CHFt4mvfvfBMdRw_PCwifYDEbmqYTLyDHzsWt2WNJSzVpZPyhaChMMrWldXS97VLRNAAy9w4-WPIayN3m_96xC1_B8Yw1-cGlxlHR60w8ptT2ovJcx3EYT3Ft1a4oe3cyV67nyDvGw2hTIfa21_ntUXb0P93G7A7lgbivD9U-mw0UZDYmk2c0KeGFWS-tMOVtc&sai=AMfl-YTxjHQZjt1SAoDa8satkcdPx440pAFRdvzIeP7Exis2eHNF_FwpCRK3F3fX_XEYqrMaL4uCVKFOHa9_BRexrLK1O4miMNvPNtpxVh60Rd2D0IxHw2ugvShlj2y-DERw&sig=Cg0ArKJSzLc6IuFaKnHjEAE&adurl=
Frame ID: 473BB71CE819AE5C824A9C3D3CC36448
Requests: 6 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpLU2eJKIlgcnqYLQLmDlA1GXcDoBpTb9p-aB9Dyi0qkIN6YkaigEYATlvEkBJlqi47Z92osMs6XNb5ub3wv3zo14b2wiRtMtQMyPTZ6sHsXlZJYPFc3uLnM5vMdb2MoPsvvZn8bVyfOxLfj3GOAoqzKwMrLZUmgRYFvrKAMRNQ1Kz5AgxRLWhi1QVA5AZSQ9vJhwP5pWlPvcP4ByD2SQPIYtl3Y8NRLDy8KNvem0GDPpRQqrN03RWiPGReKacqBtjlwAeeMgwavhjZaBCYqwQU_EIe24IKEQ60P1_e1FN-allalUtbflgC_1lK3VN-Iq7IpU2OOwJgQUsFzqjTJP58aPAECDOh3JJaskUI3IDTVTmTi-FY3-SjBWrzgV8DPzhH5k&sai=AMfl-YRiliqWbAFRQnlHU6CegOgrpc1gPUfUozdvNo3N9Upeppi4d0iYTK1xm41ix5r6iSZO73VZA20Jao0LDp3eG75qd7FRwymvIMQKypa_i7WpczBrCj2E_S9onZOuXL1R&sig=Cg0ArKJSzB1_CzZivV1sEAE&urlfix=1&adurl=
Frame ID: EE321E59421B7D90E556C944E4DDCE02
Requests: 6 HTTP requests in this frame

Frame: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: BBFDE237B668910FD2AC66F5BD06BCBD
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 6DB6725E1DBA9FC061A6EC0B6278156C
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D70C8802B268223156DC4F906BCA509C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w
Frame ID: 8282198678420F1CA30193CEAA8C7CA9
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: CEC44F096144544C9928394A1B67B57E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5515B263C1CA38E572CE4F5A5E2580F4
Requests: 3 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=13409400214475500710152011519025&a=87207c4e
Frame ID: 33B2F0B9ADB2951548AF981BDC294B61
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.promobutler.be/ HTTP 301
https://www.promobutler.be/nl/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\/pagead\/show_ads\.js/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

140
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

35
Subdomains

32
IPs

3
Countries

3010 kB
Transfer

5381 kB
Size

10
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.acties.be/
Title: Kortingscodes

Search URL Search Domain Scan URL

URL: https://www.promobutler.foundation/
Title: Duurzaamheid

Search URL Search Domain Scan URL

URL: https://magazines.promobutler.be/nl-BE/
Title: Ontdek Digimagkiosk!

Search URL Search Domain Scan URL

URL: https://publish.folders.eu/login
Title: Voeg je eigen folder toe

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/nl/app/promobutler-reclamefolders/id853571279?utm_source=promobutler&utm_medium=app-home&utm_campaign=promobutler
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=be.netmediaeurope.promobutler&utm_source=promobutler&utm_medium=app-home&utm_campaign=promobutler
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/promobutler

Search URL Search Domain Scan URL

URL: https://instagram.com/promobutler

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/9366017

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/promobutlerbe

Search URL Search Domain Scan URL

URL: https://www.folders.eu/
Title:

Search URL Search Domain Scan URL

URL: https://www.promobutler.nl/
Title:

Search URL Search Domain Scan URL

URL: https://www.promoties.be/
Title:

Search URL Search Domain Scan URL

URL: https://www.netmedia-europe.be/
Title: Netmedia Europe NV - © 2007- 2021

Search URL Search Domain Scan URL

URL: https://publish.folders.eu/fixed/2211716?utm_source=promobutler&utm_medium=cpc&utm_campaign=clickbybehaviour&utm_content=210224-nl
Title: BEKIJK DE FLYER

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.promobutler.be/ HTTP 301
https://www.promobutler.be/nl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://publish.folders.eu/publication/2208995/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/220/89/95/bizz_2208995.pdf?v=102&fm=auto&page=1&w=400

Request Chain 18

https://publish.folders.eu/publication/2208578/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/220/85/78/bizz_2208578.pdf?v=2&fm=auto&page=1&w=400

Request Chain 19

https://publish.folders.eu/publication/2210447/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/221/04/47/bizz_2210447.pdf?v=2&fm=auto&page=1&w=400

Request Chain 22

https://publish.folders.eu/publication/2210426/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/221/04/26/bizz_2210426.pdf?v=2&fm=auto&page=1&w=400

Request Chain 23

https://publish.folders.eu/publication/2210159/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/221/01/59/bizz_2210159.pdf?v=2&fm=auto&page=1&w=400

Request Chain 24

https://publish.folders.eu/publication/2210948/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/221/09/48/bizz_2210948.pdf?v=2&fm=auto&page=1&w=400

Request Chain 26

https://publish.folders.eu/publication/2209319/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/220/93/19/bizz_2209319.pdf?v=2&fm=auto&page=1&w=400

Request Chain 27

https://publish.folders.eu/publication/2211716/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/221/17/16/bizz_2211716.pdf?v=2&fm=auto&page=1&w=400

Request Chain 28

https://publish.folders.eu/publication/2210840/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/221/08/40/bizz_2210840.pdf?v=2&fm=auto&page=1&w=400

Request Chain 29

https://publish.folders.eu/publication/2209331/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/220/93/31/bizz_2209331.pdf?v=2&fm=auto&page=1&w=400

Request Chain 30

https://publish.folders.eu/publication/2210237/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/221/02/37/bizz_2210237.pdf?v=2&fm=auto&page=1&w=400

Request Chain 31

https://publish.folders.eu/publication/2211311/400/9999/cover.png?client=pb HTTP 301
https://img.folders.eu/live/publsh/bizz/221/13/11/bizz_2211311.pdf?v=2&fm=auto&page=1&w=400

Request Chain 75

https://images.folders.eu/aws/ads/auto5/2020/01/Auto5_Algemeen_Leaderboard_NL.jpg HTTP 302
https://img.folders.eu/ads/auto5/2020/01/Auto5_Algemeen_Leaderboard_NL.jpg

Request Chain 80

https://images.folders.eu/aws/ads/multi-bazar/2019/36/multi-bazar-algemeen-leaderboard.jpg HTTP 302
https://img.folders.eu/ads/multi-bazar/2019/36/multi-bazar-algemeen-leaderboard.jpg

Request Chain 84

https://images.folders.eu/aws/ads/zelfbouwmarkt/2020/32/webshop_LB_NL.gif HTTP 302
https://img.folders.eu/ads/zelfbouwmarkt/2020/32/webshop_LB_NL.gif

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1&C=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YDwJe0T7ZxWSUHvpDaxxdAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1

Request Chain 137

https://hal900025.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=0ce0d68e4b&subid=&uid=3b8165fa888d2e84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGn-wdgk8YL2VN7SMlQfR84c45LSqg1eXyqj_rgfwLhABIOCWhAdg9ZXOgeAEyAEJqQIez_OjR0G0PqgDAaoE1gFP0BIZOZ-xYIUiHUpxnQYir2Tu_fqEuT442jjOJ1DDR0W8MTsUS54Rg8wawkQ4hBQ_bNgR1nOMG0sDAPNbXmvhcxJGgk_QEbl8P9gDb-e9utWsOXH0so90vAcA_4vYBzg3QYFr4BGdm85YkKZYN9bonVlCbeOVjps2r6yR7fUx41T3dB4aSwD5hHRaThhzOJzUFpK_lelbtXazeQ5hlkvan3N9lT0R_Q-mgS59CBwao0p2SwO-w0RWA79zrg5A9n7mlN3lOcdrL_1ITmfijpu-WNa_sr-zwATllN_RzgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgGYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo0MITvpASJs7O1fI9MWyT8wRv-42xf6Dy_tqxgJg0TbOYJzDtBs8fK7jtOWd1s7mYkBGseXdjyUDNqI8%26sig%3DAOD64_2g-Tja_e6sjTx-01sfCop8rd6thA%26client%3Dca-pub-5410484939036777%26dbm_c%3DAKAmf-CxbUgm3hyV4hkMOr2GDrCtogKPcaJz3-DKTHIJ8W20t2bu7Cr-NsVwD5Gk2hlhPlMAUKb38gPFngEniALcD9npFDoNKiiSfIw146qQvT5QW6GWLAn2iS4xuistLPsZpLZDxMpmfoqGwj51uGnbWSHit4f7zA%26cry%3D1%26dbm_d%3DAKAmf-CYQ7fjk9eluZwR-bdbQtTR3StuzO9GM1xex6Eoc2h8f7mQLss83duem0cpVzdM0mGwZhUiY2AdFD0DA1i6XXRHDwoCidYJJtK7rj-Ugzev_Gi6eQqL2JVKb0NqTCcOEMsktZedu63t0BcQdPsxsKYy7GFtVBA4e6UL37iHXRcV9H9fGEqDRXhCfkfXk-AHYL9BSRKIYAEX97rmowrEWGxbEITwSBtZEVlymyafuIKatU_exomNYd__78eM8DmSwiRpKxTGPIkhpZCAPLRA4kthn7975ZoPWzqChjPTjiJtPtB6CmtAZFgOpkcrf3agI9VYm0clh_e95pxu_O-7ezfz4RtBPDaMmnbE87DC6xYLeLtXDRAzL0jdwBmaDbuN0Dzenvi2hIPjH9xZvVcXSpLfQsYXwRELOdYxVenNqHu6QZ1hxy61hJwsmGnreRkzRE5XfjdQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ancestorOrigins=https%3A%2F%2Fwww.promobutler.be&random=1124442612442&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=0ce0d68e4b&subid=&uid=3b8165fa888d2e84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGn-wdgk8YL2VN7SMlQfR84c45LSqg1eXyqj_rgfwLhABIOCWhAdg9ZXOgeAEyAEJqQIez_OjR0G0PqgDAaoE1gFP0BIZOZ-xYIUiHUpxnQYir2Tu_fqEuT442jjOJ1DDR0W8MTsUS54Rg8wawkQ4hBQ_bNgR1nOMG0sDAPNbXmvhcxJGgk_QEbl8P9gDb-e9utWsOXH0so90vAcA_4vYBzg3QYFr4BGdm85YkKZYN9bonVlCbeOVjps2r6yR7fUx41T3dB4aSwD5hHRaThhzOJzUFpK_lelbtXazeQ5hlkvan3N9lT0R_Q-mgS59CBwao0p2SwO-w0RWA79zrg5A9n7mlN3lOcdrL_1ITmfijpu-WNa_sr-zwATllN_RzgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgGYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo0MITvpASJs7O1fI9MWyT8wRv-42xf6Dy_tqxgJg0TbOYJzDtBs8fK7jtOWd1s7mYkBGseXdjyUDNqI8%26sig%3DAOD64_2g-Tja_e6sjTx-01sfCop8rd6thA%26client%3Dca-pub-5410484939036777%26dbm_c%3DAKAmf-CxbUgm3hyV4hkMOr2GDrCtogKPcaJz3-DKTHIJ8W20t2bu7Cr-NsVwD5Gk2hlhPlMAUKb38gPFngEniALcD9npFDoNKiiSfIw146qQvT5QW6GWLAn2iS4xuistLPsZpLZDxMpmfoqGwj51uGnbWSHit4f7zA%26cry%3D1%26dbm_d%3DAKAmf-CYQ7fjk9eluZwR-bdbQtTR3StuzO9GM1xex6Eoc2h8f7mQLss83duem0cpVzdM0mGwZhUiY2AdFD0DA1i6XXRHDwoCidYJJtK7rj-Ugzev_Gi6eQqL2JVKb0NqTCcOEMsktZedu63t0BcQdPsxsKYy7GFtVBA4e6UL37iHXRcV9H9fGEqDRXhCfkfXk-AHYL9BSRKIYAEX97rmowrEWGxbEITwSBtZEVlymyafuIKatU_exomNYd__78eM8DmSwiRpKxTGPIkhpZCAPLRA4kthn7975ZoPWzqChjPTjiJtPtB6CmtAZFgOpkcrf3agI9VYm0clh_e95pxu_O-7ezfz4RtBPDaMmnbE87DC6xYLeLtXDRAzL0jdwBmaDbuN0Dzenvi2hIPjH9xZvVcXSpLfQsYXwRELOdYxVenNqHu6QZ1hxy61hJwsmGnreRkzRE5XfjdQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ancestorOrigins=https%3A%2F%2Fwww.promobutler.be&random=1124442612442&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

140 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.promobutler.be/nl/
Redirect Chain

https://www.promobutler.be/
https://www.promobutler.be/nl/

121 KB
12 KB

17ms
16ms

Document
text/html

2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f3816d7eb954c6381515117a21283591fc27621b57ecf7c757e369c7ef6241c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.promobutler.be
:scheme: https
:path: /nl/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=db504fc35f559f3b971b776239b4589c61614547317; expires=Tue, 30-Mar-21 21:21:57 GMT; path=/; domain=.promobutler.be; HttpOnly; SameSite=Lax
cache-control: public, max-age=14400
pragma: cache
access-control-max-age: 14400
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; preload
x-frame-options: DENY
vary: accept-encoding
content-language: nl
cf-cache-status: HIT
age: 1962
cf-request-id: 088c1e0b6100004e49c9888000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 628d32bf09ab4e49-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 28 Feb 2021 21:21:57 GMT
cache-control: max-age=3600
expires: Sun, 28 Feb 2021 22:21:57 GMT
location: https://www.promobutler.be/nl/
cf-request-id: 088c1e0b5600004e49d4225000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
server: cloudflare
cf-ray: 628d32bee98a4e49-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 home.min.js Show response
www.promobutler.be/js/ 400 KB
109 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/js/home.min.js?v=0.0.1-20210218111732.ca8b057

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37c0fda6f060beb370e88cf13308331de189f44865731f33f40af675a3a8bb37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 297403
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088c1e0b7800004e49de265000000001
pragma: cache
last-modified: Thu, 18 Feb 2021 11:18:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/javascript
access-control-allow-origin: *
vary: accept-encoding
cache-control: public, max-age=31622400
cf-ray: 628d32bf29d94e49-FRA

GET
H2 200 home.min.css
www.promobutler.be/css/ 173 KB
20 KB 23ms
22ms Stylesheet
text/css 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/css/home.min.css?v=0.0.1-20210218111732.ca8b057

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16d2aedc3e59b19560e8a6f01407b72517a38f8956b1d3be2b960891bbfc9f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 297403
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088c1e0b7600004e4921b79000000001
pragma: cache
last-modified: Thu, 18 Feb 2021 11:18:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: text/css
access-control-allow-origin: *
vary: accept-encoding
cache-control: public, max-age=31622400
cf-ray: 628d32bf29db4e49-FRA

GET
H2 200 Roboto-Regular.woff2
www.promobutler.be/webfonts/ 63 KB
63 KB 16ms
14ms Font
application/font-woff2 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/webfonts/Roboto-Regular.woff2

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.promobutler.be
Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 301185
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64632
cf-request-id: 088c1e0b7600004e49f309a000000001
pragma: cache
last-modified: Thu, 18 Feb 2021 11:18:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 628d32bf29dd4e49-FRA

GET
H2 200 Roboto-Bold.woff2
www.promobutler.be/webfonts/ 63 KB
63 KB 22ms
21ms Font
application/font-woff2 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/webfonts/Roboto-Bold.woff2

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.promobutler.be
Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 301185
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64740
cf-request-id: 088c1e0b7700004e49ff8c5000000001
pragma: cache
last-modified: Thu, 18 Feb 2021 11:18:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 628d32bf29de4e49-FRA

GET
H2 200 Roboto-Light.woff2
www.promobutler.be/webfonts/ 63 KB
63 KB 23ms
22ms Font
application/font-woff2 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/webfonts/Roboto-Light.woff2

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.promobutler.be
Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 301185
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64320
cf-request-id: 088c1e0b7700004e49e8ba3000000001
pragma: cache
last-modified: Thu, 18 Feb 2021 11:18:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 628d32bf29df4e49-FRA

GET
H2 200 Roboto-Medium.woff2
www.promobutler.be/webfonts/ 64 KB
64 KB 22ms
21ms Font
application/font-woff2 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/webfonts/Roboto-Medium.woff2

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.promobutler.be
Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 301185
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65484
cf-request-id: 088c1e0b7900004e49e123c000000001
pragma: cache
last-modified: Thu, 18 Feb 2021 11:18:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 628d32bf29e14e49-FRA

GET
H2 200 icomoon.woff2
www.promobutler.be/webfonts/ 5 KB
5 KB 22ms
21ms Font
application/font-woff2 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/webfonts/icomoon.woff2?c7zx4o

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cad4c4cb78f1439edee8f2232573f4ea1355a96b4a8619b8d146f651a1d23280

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.promobutler.be
Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 301185
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4944
cf-request-id: 088c1e0b7700004e49fa947000000001
pragma: cache
last-modified: Thu, 18 Feb 2021 11:18:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 31622400
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 628d32bf29e24e49-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
34 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDZL236

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

032fde15bb914f7b72f941d6936300154424255742adb937c96fa78a927a0f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34311
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 21:21:57 GMT

GET
H2 200 icomoon.ttf
www.promobutler.be/webfonts/ 9 KB
9 KB 15ms
15ms Font
application/x-font-ttf 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/webfonts/icomoon.ttf?c7zx4o

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/css/home.min.css?v=0.0.1-20210218111732.ca8b057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed193ce1394c7cf4e0491308849f503f0945f68889984dc0c932cfe531468900

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.promobutler.be
Referer: https://www.promobutler.be/css/home.min.css?v=0.0.1-20210218111732.ca8b057
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 13734
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9312
cf-request-id: 088c1e0bae00004e49e1240000000001
pragma: cache
last-modified: Thu, 18 Feb 2021 11:18:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 14400
content-type: application/x-font-ttf
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 628d32bf7a574e49-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZL236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5680
date: Sun, 28 Feb 2021 19:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 21:47:17 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 76ms
24ms Script
text/javascript 13.32.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-24-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 07 Feb 2021 02:52:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 1880997
ETag: W/"96c08723796affab377d9bb08d631cd0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: 1J2Zzdeqe0Q18KWgCCjTUjtjIJOJg84L_P_wxnlLCqFu2pnuLEGkvQ==

GET
H2 200 script.js Show response
widgets.getsitecontrol.com/138533/ 50 KB
9 KB 316ms
236ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getsitecontrol.com/138533/script.js
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 67fc5b241ea1dc200630547afa12ef2fc50852a2d56aa1dc444ff3cb830db7ed

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:58 GMT
content-encoding: br
cdn-edgestorageid: 657, 617
x-amz-request-id: 581E91CCA1F2B7B4
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-02-28 21:38:15
cdn-pullzone: 44619
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: AKAoKyjx400KS+ck3GtsCz6HxfH5dN/i17e1Cs92x5ZphTjQouyGap36MVqfI8OYdt95Ru6HvEk=
access-control-allow-origin: *
last-modified: Sun, 28 Feb 2021 20:38:02 GMT
server: BunnyCDN-DE1-657
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: 58f9d8f848598d7d7d5d77e31b73e7bc
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 28ms
13ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2631
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 628d32c00a980eb7-FRA
cf-request-id: 088c1e0c0a00000eb7aabf1000000001
expires: Sun, 28 Feb 2021 22:21:57 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 77ms
25ms Script
text/javascript 99.86.3.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-74.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 13207630
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: GzKAaksWAbgo9cwb-b6lVOGTI_x-WmjRqSL1vZv4W2a7aRaX0fmhCA==

GET
H2 200 icon_close.svg
img.folders.eu/live/promobutler/assets/v2/icons/ 2 KB
2 KB 84ms
10ms Image
image/avif 2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/assets/v2/icons/icon_close.svg

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/css/home.min.css?v=0.0.1-20210218111732.ca8b057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

41a5a67ebe8d776ff240a5633dac88a6730edb504df682801c843e7724c201de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/css/home.min.css?v=0.0.1-20210218111732.ca8b057
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 9efc30f6d35329848be1b9fc3e0ceda6
x-gumlet-reqid: 6024ed2dd38fae35194b1d11
age: 1514568
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.03
vary: accept
content-length: 1612
date: Thu, 11 Feb 2021 08:39:09 GMT
access-control-max-age: 1728000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: vHEfZijdYW_zm_EAcQce-TD8RBwGH5qW0FhaUtPWK6eUusDf1BUo7Q==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
390 B 48ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1472579318&t=pageview&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1426318697&gjid=1241014678&cid=347463658.1614547318&tid=UA-2482376-1&_gid=941748548.1614547318&_r=1&gtm=2wg2h0NDZL236&z=1409664908

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.promobutler.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elektrische-fiets-met-centrale-motor--8863601.jpg
img.folders.eu/live/promobutler/articles/2021/02/18/88636/ 12 KB
13 KB 31ms
11ms Image
image/avif 2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/articles/2021/02/18/88636/elektrische-fiets-met-centrale-motor--8863601.jpg?w=200&h=200&fm=auto

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

512efda63931541c80ee876a3ef0d35a4ac0abb066cc70899c32034df25f33eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: e8eb36bf06919607751f15a0dc3c20b5
x-gumlet-reqid: 60359d1bc17d7e8b7163e375
age: 420953
x-gumlet-oc: HIT
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.763
vary: accept
content-length: 12590
date: Wed, 24 Feb 2021 00:26:04 GMT
access-control-max-age: 1728000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: bifwCe3AbTi_PncevjB-1KjWw11lrFnfMvWhbZ0pPqoh98UI90TKmg==

GET
H2

200

bizz_2208995.pdf
img.folders.eu/live/publsh/bizz/220/89/95/
Redirect Chain

https://publish.folders.eu/publication/2208995/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/220/89/95/bizz_2208995.pdf?v=102&fm=auto&page=1&w=400

57 KB
57 KB

14ms
12ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/220/89/95/bizz_2208995.pdf?v=102&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9410988db1469cb2679c6d4c5db7c1f8b5f3e48c4bcb1a41ee03bd9f750fb0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 3c10e95aa4cbabfbba9eadcac3b6ab87
x-gumlet-reqid: 6034b62bfa457c5175a58985
age: 480075
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.473
vary: accept
content-length: 58186
date: Tue, 23 Feb 2021 08:00:43 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: Sh8OjZqxT8bxjq79sOckDW28RMHoaz8u_23ZPVbO8PhtOlzj3uNivA==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/220/89/95/bizz_2208995.pdf?v=102&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098d8536a-FRA
cf-request-id: 088c1e0c5b0000536a35047000000001

GET
H2

200

bizz_2208578.pdf
img.folders.eu/live/publsh/bizz/220/85/78/
Redirect Chain

https://publish.folders.eu/publication/2208578/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/220/85/78/bizz_2208578.pdf?v=2&fm=auto&page=1&w=400

40 KB
41 KB

13ms
13ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/220/85/78/bizz_2208578.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ed75f0f8c7db37c3cd62d90eada645a85912bcb37a2ad7cf13863e496f18336a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 8e5b4a7e3b72cb1890e72a943aa19cc9
x-gumlet-reqid: 601d025c6c3c40d393fcef49
age: 2033433
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.151
vary: accept
content-length: 41008
date: Fri, 05 Feb 2021 08:31:25 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: fUH-eeA3Nlwwh6a6XNtPZccqKADYVpf7oMrctbq4ewNPs2Wv_M77SA==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/220/85/78/bizz_2208578.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098de536a-FRA
cf-request-id: 088c1e0c5c0000536a3e3d3000000001

GET
H2

200

bizz_2210447.pdf
img.folders.eu/live/publsh/bizz/221/04/47/
Redirect Chain

https://publish.folders.eu/publication/2210447/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/221/04/47/bizz_2210447.pdf?v=2&fm=auto&page=1&w=400

52 KB
53 KB

11ms
11ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/221/04/47/bizz_2210447.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

93bddcdc8d853b6518b651e9c837e5754caa4749e927b97ea05b697e150b76f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 01350336a4c28f57bf8b31a2628ddc9a
x-gumlet-reqid: 6029bc8a46493f8e90d46b5b
age: 1199338
x-gumlet-oc: HIT
x-cache: Hit from cloudfront
x-gumlet-runtime: 1.708
vary: accept
content-length: 53170
date: Mon, 15 Feb 2021 00:13:00 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: TDMKsD_I-nKJRauilOmIT_PR36-LGG-t2skWwMvZUtijpUHXWtgPyg==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/221/04/47/bizz_2210447.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098d9536a-FRA
cf-request-id: 088c1e0c5b0000536a2ea55000000001

GET
H2 200 dream-maker-stonehenge-ezl-spa--8863595.jpg
img.folders.eu/live/promobutler/articles/2021/02/18/88635/ 9 KB
10 KB 36ms
17ms Image
image/avif 2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/articles/2021/02/18/88635/dream-maker-stonehenge-ezl-spa--8863595.jpg?w=200&h=200&fm=auto

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4dc72c062762c415302fc46a2499a5746671f232e1c776b293645bf938a711c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 1c22fdbdd926b6df15d206136843e24d
x-gumlet-reqid: 60359d1b3fbffe39238b2f95
age: 420953
x-gumlet-oc: HIT
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.738
vary: accept
content-length: 9142
date: Wed, 24 Feb 2021 00:26:04 GMT
access-control-max-age: 1728000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: N7VUwYKBFoFifeAAduY8dLDhrhchjnADqp5srr3ATDs-Jw8V3fjgfQ==

GET
H2 200 douchecabine-penny--8712581.jpg
img.folders.eu/live/promobutler/articles/2021/01/21/87125/ 7 KB
7 KB 37ms
18ms Image
image/avif 2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/articles/2021/01/21/87125/douchecabine-penny--8712581.jpg?w=200&h=200&fm=auto

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8d7e2e06042ca9b45a11854b260f74803a9374f253caf0cbd1990089ee8f0f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 9f71cd5836043699d2daafda27c86d47
x-gumlet-reqid: 601a5c4ec07e306a16259d1c
age: 2207014
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.333
vary: accept
content-length: 6900
date: Wed, 03 Feb 2021 08:18:23 GMT
access-control-max-age: 1728000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: cm-in66NudwLWj1aWSRw1SqJNMr-p5mMwpJeqyFUI2LrkKuDVRoFdQ==

GET
H2

200

bizz_2210426.pdf
img.folders.eu/live/publsh/bizz/221/04/26/
Redirect Chain

https://publish.folders.eu/publication/2210426/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/221/04/26/bizz_2210426.pdf?v=2&fm=auto&page=1&w=400

63 KB
64 KB

14ms
13ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/221/04/26/bizz_2210426.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

13d19a27c1c7483c6cedbcb3abbb87f61f232d93c3ecee4a9b854b9a2e89e086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 5a4d234723977cabfb4ecc2ecd73d7ff
x-gumlet-reqid: 60335c5e9739a378a2f5448e
age: 568600
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.031
vary: accept
content-length: 64728
date: Mon, 22 Feb 2021 07:25:18 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: FfE2yMzv5VlYQjwWZ88RiFsZPq9OWTlC71qqlREHhnMDtbOCnHvinQ==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/221/04/26/bizz_2210426.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098dd536a-FRA
cf-request-id: 088c1e0c5c0000536a3ea5d000000001

GET
H2

200

bizz_2210159.pdf
img.folders.eu/live/publsh/bizz/221/01/59/
Redirect Chain

https://publish.folders.eu/publication/2210159/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/221/01/59/bizz_2210159.pdf?v=2&fm=auto&page=1&w=400

30 KB
30 KB

12ms
12ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/221/01/59/bizz_2210159.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c5c96417eb57649b8f92033a8625441cc8a1f64d1df9db93c6522da22b3a08be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 5210997e90a04210b25818268c7664e3
x-gumlet-reqid: 6025c579547a63777d9da01a
age: 1459197
x-gumlet-oc: HIT
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.323
vary: accept
content-length: 30300
date: Fri, 12 Feb 2021 00:02:01 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: HqhBWxIs0woEHGPUjl2rpuG_IykrwQReEWvPYa2cDpB_fTShyzs_3w==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/221/01/59/bizz_2210159.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098d0536a-FRA
cf-request-id: 088c1e0c5a0000536a6b0b7000000001

GET
H2

200

bizz_2210948.pdf
img.folders.eu/live/publsh/bizz/221/09/48/
Redirect Chain

https://publish.folders.eu/publication/2210948/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/221/09/48/bizz_2210948.pdf?v=2&fm=auto&page=1&w=400

36 KB
36 KB

10ms
10ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/221/09/48/bizz_2210948.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bc7630abf0a5ef4d64c7f515eb47d2dae4a38baafa351f79d2696cb3ec5a5d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 092113faa62af52eeace4d26e32475d5
x-gumlet-reqid: 60332d7613cc09d397b5cee8
age: 580608
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.028
vary: accept
content-length: 36450
date: Mon, 22 Feb 2021 04:05:10 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 0Gz4XwuZv6HsKLYbV4sIR2wZGRSKAkSblgrGGPFJI4RUk3rAC27QGw==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/221/09/48/bizz_2210948.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098d4536a-FRA
cf-request-id: 088c1e0c5b0000536a19062000000001

GET
H2 200 wonder-core-rock-n-fit--8863598.jpg
img.folders.eu/live/promobutler/articles/2021/02/18/88635/ 13 KB
14 KB 30ms
15ms Image
image/avif 2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/articles/2021/02/18/88635/wonder-core-rock-n-fit--8863598.jpg?w=200&h=200&fm=auto

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e55388d8d8af1178ec2876e3701a7f015fd3cd641c8fa02913312fdd28033acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 82583b4ac7ebed0dad5cf0278565f7c0
x-gumlet-reqid: 60359d1bc17d7ef78c63e374
age: 420953
x-gumlet-oc: HIT
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.732
vary: accept
content-length: 13306
date: Wed, 24 Feb 2021 00:26:04 GMT
access-control-max-age: 1728000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: MjkXDuBtQrOvTj3Oxq-Z15FVAC6xbdk1O2cyF5-EjzIQNs9oFrboww==

GET
H2

200

bizz_2209319.pdf
img.folders.eu/live/publsh/bizz/220/93/19/
Redirect Chain

https://publish.folders.eu/publication/2209319/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/220/93/19/bizz_2209319.pdf?v=2&fm=auto&page=1&w=400

38 KB
39 KB

16ms
16ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/220/93/19/bizz_2209319.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

44903d779d042e8ef57a14c37611b0c13589b5fe384ccc54f24d5bbb1f0c1baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 109bfce799b8be6b8394feadb486bdaf
x-gumlet-reqid: 602e954fdcaa9d8d0e1f3b56
age: 881703
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.026
vary: accept
content-length: 39254
date: Thu, 18 Feb 2021 16:26:55 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 7xc6vKy2XGZSF_ko9sh5v-h15loW-mJj0lagDpNSTuZ7xcDTL_7hHw==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/220/93/19/bizz_2209319.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098db536a-FRA
cf-request-id: 088c1e0c5c0000536a41004000000001

GET
H2

200

bizz_2211716.pdf
img.folders.eu/live/publsh/bizz/221/17/16/
Redirect Chain

https://publish.folders.eu/publication/2211716/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/221/17/16/bizz_2211716.pdf?v=2&fm=auto&page=1&w=400

64 KB
64 KB

11ms
11ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/221/17/16/bizz_2211716.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

885c28405d4a21caba2aca2021c67e32e3c68021ef27fd74dbf08a218b492638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 0cb7664f272039020395849c498b871a
x-gumlet-reqid: 6035c292c17d7e18d0654dce
age: 411364
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.541
vary: accept
content-length: 65356
date: Wed, 24 Feb 2021 03:05:54 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: DMXCV3uifxY-dWwwOR3hNS6bAMw_4Mq6W8QUU3p9eEMTqrfUPIperA==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/221/17/16/bizz_2211716.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098d1536a-FRA
cf-request-id: 088c1e0c5a0000536a73b8f000000001

GET
H2

200

bizz_2210840.pdf
img.folders.eu/live/publsh/bizz/221/08/40/
Redirect Chain

https://publish.folders.eu/publication/2210840/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/221/08/40/bizz_2210840.pdf?v=2&fm=auto&page=1&w=400

51 KB
51 KB

15ms
15ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/221/08/40/bizz_2210840.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

16a82582f9cda7542379343d7878f169dd1319f00669d6bad7dbf651f7aff52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: fcbfff0aa8e551786acddf13fa27d505
x-gumlet-reqid: 60344d8bfa457c0ea89fa803
age: 506858
x-gumlet-oc: HIT
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.342
vary: accept
content-length: 51998
date: Tue, 23 Feb 2021 00:34:20 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: YMYZG5hU8ZcjK53BkdvwiXDR0s-rQBhBqCKigTKHeuHkPvEsdq-_uA==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/221/08/40/bizz_2210840.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098d7536a-FRA
cf-request-id: 088c1e0c5b0000536a6e1ed000000001

GET
H2

200

bizz_2209331.pdf
img.folders.eu/live/publsh/bizz/220/93/31/
Redirect Chain

https://publish.folders.eu/publication/2209331/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/220/93/31/bizz_2209331.pdf?v=2&fm=auto&page=1&w=400

45 KB
45 KB

13ms
13ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/220/93/31/bizz_2209331.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

83ba1c9e7b6dc964790ef4d78b7a313126a16cdeb3f46fa1746d974a42508657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: bfe55d15d4cfcfaac79af5b49827bacb
x-gumlet-reqid: 601ff3f5dc424487ed188530
age: 1840513
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.618
vary: accept
content-length: 45672
date: Sun, 07 Feb 2021 14:06:45 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: ZB-Vxm3dNjqO69bQ8hqVjbaPUzWnnVmYPoROi_qTJf2bDqWYb4WBfA==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/220/93/31/bizz_2209331.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098dc536a-FRA
cf-request-id: 088c1e0c5c0000536a158e8000000001

GET
H2

200

bizz_2210237.pdf
img.folders.eu/live/publsh/bizz/221/02/37/
Redirect Chain

https://publish.folders.eu/publication/2210237/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/221/02/37/bizz_2210237.pdf?v=2&fm=auto&page=1&w=400

46 KB
46 KB

14ms
14ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/221/02/37/bizz_2210237.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f83e5af5ba829db6a693957b1a736dec99056b65210526b43563b52e64847da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: c90985718da3e92b5c2d5129a8679d6c
x-gumlet-reqid: 6035c29cc17d7e62b5654e17
age: 411353
x-gumlet-oc: HIT
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.824
vary: accept
content-length: 46720
date: Wed, 24 Feb 2021 03:06:05 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 9y15SMXfhWOAshvL8vLnkHbtIRI_gVCej9cJ633L4B5dbS4bpdhLWg==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/221/02/37/bizz_2210237.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c088cf536a-FRA
cf-request-id: 088c1e0c5a0000536a120dd000000001

GET
H2

200

bizz_2211311.pdf
img.folders.eu/live/publsh/bizz/221/13/11/
Redirect Chain

https://publish.folders.eu/publication/2211311/400/9999/cover.png?client=pb
https://img.folders.eu/live/publsh/bizz/221/13/11/bizz_2211311.pdf?v=2&fm=auto&page=1&w=400

60 KB
60 KB

19ms
19ms

Image
image/webp

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/publsh/bizz/221/13/11/bizz_2211311.pdf?v=2&fm=auto&page=1&w=400

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

63597ce62507b55334eb41996b755298fabdf24cec8990de8b546deea4340712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 9df48976b9d3c1afd9c1924ec7d1470a
x-gumlet-reqid: 6033510913cc09db11b802b0
age: 571500
x-gumlet-oc: HIT
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.371
vary: accept
content-length: 61252
date: Mon, 22 Feb 2021 06:36:58 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: GPrMKePnqaEeIFfVwIKzs64X_QTnjFM1Dwm5BDWvhlfd_smPKQeOGA==

Redirect headers

pragma: cache
date: Sun, 28 Feb 2021 21:21:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
location: https://img.folders.eu/live/publsh/bizz/221/13/11/bizz_2211311.pdf?v=2&fm=auto&page=1&w=400
cache-control: public
cf-ray: 628d32c098d2536a-FRA
cf-request-id: 088c1e0c5a0000536a440db000000001

GET
H2 200 logo_promobutler.be.png
img.folders.eu/live/promobutler/assets/ 5 KB
5 KB 26ms
12ms Image
image/webp 2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/live/promobutler/assets/logo_promobutler.be.png?w=300

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

37d68543e2968bf548d7a2e2b4a6a99fd60a395eb8bb7826e9622792af763790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 33d90970bf39a32b3caddf7dc07ab700
x-gumlet-reqid: 5fe0526a8fd97ab4314660ee
age: 6010635
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.048
vary: accept
content-length: 4654
date: Mon, 21 Dec 2020 07:44:42 GMT
access-control-max-age: 1728000
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 2Lr73YE7Y0AOILYIwnQELqO1si2enVvRQxSL2Qrc_m1orqsO_aKaVg==

GET
H2 404 user Show response
www.promobutler.be/ 0
111 B 65ms
63ms Fetch 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/user

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/js/home.min.js?v=0.0.1-20210218111732.ca8b057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 088c1e0c4d00004e49ee86b000000001
pragma: no-cache
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=0, no-cache
cf-ray: 628d32c07ba84e49-FRA

GET
H2 200 i18n Show response
www.promobutler.be/ 66 KB
19 KB 75ms
74ms Fetch
application/json 2606:4700:10::6816:478a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.promobutler.be/i18n

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/js/home.min.js?v=0.0.1-20210218111732.ca8b057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:478a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5762ca563ab22d29c6b94cc748d852c746755d6b4569b0be369898fc8fd93b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:57 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088c1e0c4d00004e49f0838000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 628d32c07ba94e49-FRA
cf-railgun: direct (waiting for pending WAN connection)

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B39%2C%2045%2C%2074%2C%2090%2C%2091%2C%20105%2C%20106%5D%22%2C%22folder_id%22%3A%22121766%22%2C%22folder_name%22%3A%22jambooty_2210237%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224497%22%7D&_u=aEDAAEABAAAAAC~&jid=73943326&gjid=1348686699&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&_r=1&gtm=2wg2h0NDZL236&cd1=4497&cd4=nl&cd6=121766&cd7=false&z=1728757488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.promobutler.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B32%2C%2040%2C%2041%2C%2045%2C%2047%2C%2048%2C%2062%2C%2087%5D%22%2C%22folder_id%22%3A%22121439%22%2C%22folder_name%22%3A%22jambooty_2209331%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224705%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=4705&cd4=nl&cd6=121439&cd7=false&z=932171312

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B41%2C%2064%2C%2069%2C%2088%2C%2094%5D%22%2C%22folder_id%22%3A%22122168%22%2C%22folder_name%22%3A%22jambooty_2209319%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224780%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=4780&cd4=nl&cd6=122168&cd7=false&z=1650743228

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B25%2C%2039%2C%2054%2C%2064%2C%2090%5D%22%2C%22folder_id%22%3A%22121829%22%2C%22folder_name%22%3A%22jambooty_2210447%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=4704&cd4=nl&cd6=121829&cd7=false&z=866890967

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B43%2C%2045%2C%2086%5D%22%2C%22folder_id%22%3A%22121361%22%2C%22folder_name%22%3A%22jambooty_2208578%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%225114%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=5114&cd4=nl&cd6=121361&cd7=false&z=83390517

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B32%2C%2041%2C%2064%2C%2075%2C%2094%5D%22%2C%22folder_id%22%3A%22121943%22%2C%22folder_name%22%3A%22jambooty_2210840%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%22291%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=291&cd4=nl&cd6=121943&cd7=false&z=1103998940

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B41%2C%2043%2C%2048%2C%2064%2C%2069%2C%2088%2C%2094%5D%22%2C%22folder_id%22%3A%22121367%22%2C%22folder_name%22%3A%22jambooty_2208995%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%2295%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=95&cd4=nl&cd6=121367&cd7=false&z=792510478

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B32%2C%2048%5D%22%2C%22folder_id%22%3A%22122303%22%2C%22folder_name%22%3A%22jambooty_2211311%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%22939%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=939&cd4=nl&cd6=122303&cd7=false&z=313712503

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B75%2C%20101%5D%22%2C%22folder_id%22%3A%22121778%22%2C%22folder_name%22%3A%22jambooty_2210159%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224659%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=4659&cd4=nl&cd6=121778&cd7=false&z=31496304

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B77%2C%2085%2C%2086%2C%2087%2C%2090%5D%22%2C%22folder_id%22%3A%22122306%22%2C%22folder_name%22%3A%22jambooty_2211716%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%225240%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=5240&cd4=nl&cd6=122306&cd7=false&z=1160424837

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B39%2C%2045%2C%2074%2C%2090%2C%2091%2C%20105%2C%20106%5D%22%2C%22folder_id%22%3A%22122012%22%2C%22folder_name%22%3A%22jambooty_2210948%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224498%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=4498&cd4=nl&cd6=122012&cd7=false&z=1369158900

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1472579318&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ul=en-us&de=UTF-8&dt=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B43%2C%2064%2C%2069%2C%2089%2C%2094%5D%22%2C%22folder_id%22%3A%22121817%22%2C%22folder_name%22%3A%22jambooty_2210426%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%222968%22%7D&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=347463658.1614547318&tid=UA-2482376-11&_gid=941748548.1614547318&gtm=2wg2h0NDZL236&cd1=2968&cd4=nl&cd6=121817&cd7=false&z=566447652

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 10:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-2482376-1&cid=347463658.1614547318&jid=1426318697&gjid=1241014678&_gid=941748548.1614547318&_u=YEBAAAAAAAAAAC~&z=854334044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Feb 2021 21:21:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.promobutler.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-2482376-11&cid=347463658.1614547318&jid=73943326&gjid=1348686699&_gid=941748548.1614547318&_u=aEDAAEABAAAAAC~&z=286958986

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Feb 2021 21:21:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.promobutler.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 98ms
32ms Image
image/gif 99.86.3.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Alle%20promoties%2C%20aanbiedingen%20en%20acties%20op%20een%20rijtje%20-%20Promobutler&time=1614547317935&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&random_number=13799960217&sess_cookie=b87422e5177ea84f4ae98d458d8&sess_cookie_flag=1&user_cookie=b87422e5177ea84f4ae98d458d8&user_cookie_flag=1&dynamic=true&domain=promobutler.be&account=uRpxu1DTcA20Ug&jsv=20130128&user_lang=en-US
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-55.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 04:12:04 GMT
Via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 61858
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA6-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: OJV8Gh6uO-ObUz1ayfhSTokWcH849EUMRkXP2KR5VxaCVM9go1u2IA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 16ms
16ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2482376-1&cid=347463658.1614547318&jid=1426318697&_u=YEBAAAAAAAAAAC~&z=946898310

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2482376-1&cid=347463658.1614547318&jid=1426318697&_u=YEBAAAAAAAAAAC~&z=946898310

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2482376-11&cid=347463658.1614547318&jid=73943326&_u=aEDAAEABAAAAAC~&z=1839595353

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2482376-11&cid=347463658.1614547318&jid=73943326&_u=aEDAAEABAAAAAC~&z=1839595353

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:21:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime.2.10.4.js Show response
st.getsitecontrol.com/main/runtime/ 403 KB
93 KB 134ms
47ms Script
application/javascript 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://st.getsitecontrol.com/main/runtime/runtime.2.10.4.js
Requested by: Host: widgets.getsitecontrol.com
URL: https://widgets.getsitecontrol.com/138533/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.2 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-509.b-cdn.net
Software: BunnyCDN-DE1-367 /
Resource Hash: e99235caac1dc00f2fb631896feceafc55cadc5fd0bfd6cc673da6dac3f59af2

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:58 GMT
content-encoding: br
cdn-edgestorageid: 367
x-amz-request-id: EEE0BEC4E042B888
cdn-cachedat: 2020-11-23 23:28:13
cdn-pullzone: 44631
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: I8jLhBLjIaHxKEvJ/8hambiuw9Rkx+VymovYa7NTNOc6YDEmvE2i10NcIyXfvENzE5WR7XNJbFo=
access-control-allow-origin: *
last-modified: Mon, 24 Sep 2018 08:05:29 GMT
server: BunnyCDN-DE1-367
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=2592000
cdn-requestid: ec9d35faa3ea58c52583906a8677db5a
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 48e7aa1fa7e41009205e5d71d5e6e029_194014015.png
media.getsitecontrol.com/main/images/138533/ 450 KB
451 KB 65ms
49ms Image
image/png 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.getsitecontrol.com/main/images/138533/48e7aa1fa7e41009205e5d71d5e6e029_194014015.png
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.2 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-509.b-cdn.net
Software: BunnyCDN-DE1-367 /
Resource Hash: 0f8d385fcce4957a7b464bffe62ceba0d504b19974b10c4acaae708866512ec0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:58 GMT
cdn-edgestorageid: 367
x-amz-request-id: 02AFC78744D51A65
cdn-cachedat: 2021-02-24 10:02:36
cdn-pullzone: 44663
content-length: 460649
x-amz-id-2: fXq6++25nSwDV53KLGHpXzMLGp8TlB2/bn4OSPPHmZkvLxrRXLdPqAek4DB+EQ0EBAO7Ggz4Xpg=
last-modified: Tue, 23 Feb 2021 09:46:56 GMT
server: BunnyCDN-DE1-367
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: max-age=2592000
cdn-requestid: db90578ba4cb0e36c2c31a070b331ff3
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 62ms
42ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b0332332b597c0a047784adc7e268b002cff857083029bdb96b373d1712f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "798 / 468 of 1000 / last-modified: 1614381619"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19360
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:21:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 45ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49420
x-xss-protection: 0
server: cafe
etag: 13386428730629145965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 21:21:58 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 95 KB
34 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 21:21:58 GMT

GET
H2 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ 290 KB
102 KB 139ms
66ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:21:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.promobutler.be

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.promobutler.be

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 195 KB
45 KB 3703ms
3667ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1566656085633449&correlator=2040393702737036&output=ldjh&impl=fifs&eid=21068602%2C31060294%2C31060109&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=8525112%2CPB_Bannerslot_ROS_Algemeen%2CAdSense&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1614547318&dt=1614547318760&dlt=1614547317619&idt=1115&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C436%2C436%2C436%2C436%2C-9%2C-9%2C-9%2C-9%2C436%2C-9%2C436&adys=-9%2C1001%2C4803%2C2209%2C4141%2C-9%2C-9%2C-9%2C-9%2C4983%2C-9%2C2912&adks=912254680%2C932735050%2C932803718%2C933222852%2C932773108%2C912225332%2C932896963%2C934729390%2C910334561%2C1167789366%2C1167789365%2C1167789364&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1300x110%7C1300x110%7C1300x110%7C1620x110%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1280x110%7C0x-1%7C1280x110&msz=0x-1%7C728x90%7C728x90%7C728x90%7C728x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x90%7C0x-1%7C728x90&ga_vid=347463658.1614547318&ga_sid=1614547319&ga_hid=1472579318&fws=2%2C4%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C4%2C2%2C4&ohw=0%2C1600%2C1600%2C1600%2C1600%2C0%2C0%2C0%2C0%2C1600%2C0%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

aa059ee73f79a3e204dfe888121a465596b858c98a42c928415e366908c91cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45536
x-xss-protection: 0
google-lineitem-id: 5582260240,5580502510,5582263858,5581146402,5577227903,5582270356,5582226934,5582226934,5581350634,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336090008,138336301720,138336536242,138336093161,138338173046,138336091115,138336140112,138336087371,138341275528,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.promobutler.be
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 48e7aa1fa7e41009205e5d71d5e6e029_194014015.png
media.getsitecontrol.com/main/images/138533/ 450 KB
451 KB 32ms
32ms Image
image/png 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.getsitecontrol.com/main/images/138533/48e7aa1fa7e41009205e5d71d5e6e029_194014015.png
Requested by: Host: st.getsitecontrol.com
URL: https://st.getsitecontrol.com/main/runtime/runtime.2.10.4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.2 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-509.b-cdn.net
Software: BunnyCDN-DE1-367 /
Resource Hash: 0f8d385fcce4957a7b464bffe62ceba0d504b19974b10c4acaae708866512ec0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:01 GMT
cdn-edgestorageid: 367
x-amz-request-id: 02AFC78744D51A65
cdn-cachedat: 2021-02-24 10:02:36
cdn-pullzone: 44663
content-length: 460649
x-amz-id-2: fXq6++25nSwDV53KLGHpXzMLGp8TlB2/bn4OSPPHmZkvLxrRXLdPqAek4DB+EQ0EBAO7Ggz4Xpg=
last-modified: Tue, 23 Feb 2021 09:46:56 GMT
server: BunnyCDN-DE1-367
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: max-age=2592000
cdn-requestid: e411a12796dac2d4c0ec2d0b5e979c9e
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91225b71855e74fc455f4faf34369f4cfa2eb676f4d0d0ca3d43279bf7eb0289

Request headers

Origin: https://www.promobutler.be
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/octet-stream

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
112 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.promobutler.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-2482376-13&cid=347463658.1614547318&jid=822640211&gjid=2053514497&_gid=1173477907.1614547322&_u=aEjAAEABAAAAAC~&z=1571558429

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Feb 2021 21:22:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.promobutler.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2482376-13&cid=347463658.1614547318&jid=822640211&_u=aEjAAEABAAAAAC~&z=1274027668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2482376-13&cid=347463658.1614547318&jid=822640211&_u=aEjAAEABAAAAAC~&z=1274027668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stat
app.getsitecontrol.com/api/v1/ 33 B
166 B 393ms
122ms Image
image/gif 34.226.117.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.getsitecontrol.com/api/v1/stat?t=cmV0PWZhbHNlJnJlZj0mcGFnZT0xJnNyYz0mdWlkPTZlZmNjOGNjLTZmM2ItNDQ2Yy04ZmZlLTA4NGEyYTI2ZmM5MSZsYW5nPWVuLVVTJmV2dFswXS53aWRnZXQ9NDczMjE2JmV2dFswXS5tZXRyaWM9c2hvdw%3D%3D&ts=1614547322240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.117.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-117-90.compute-1.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:02 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
server: fasthttp
content-length: 33
content-type: image/gif

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame ECE3 0
0 75ms
74ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-9t4EokHOFixrsB_9NInmC17XuW5oJC8dOyXXj6n-bcz-YLqk0QhvTeeg1NO7Iq9RsaOyhRV8NgH02ssc3WJuH_TcpEucdyAzRgMcj_yQ8b4Fdf2gOgBJKKwZSUI1yarrJyt8JqgP0AVA0mIZxn1xtRxpgQZ3hbf3DkyHU_MsdaZmQ-hYHqCRYppfycMnWJDRtMurakhRjVbYOpoULyAQppv1Yg0G8byjrdUDfK6RrJalRSlRaAPTCrkVxeueaLMRMLsPlkdUUf_nTPFf2jv1JPmK8ByjBUCfPcOeKH7l8bnXz619cHRf4JVsP2o&sai=AMfl-YTr40h_4OWltpXvfo1ddcJCG3dTLGN3z7MiSFfWLGYYGP3QqZTatMzAgdp4fktpuOaUL67l7owEnj6RX54Y-vgVHJFoxH9Ba9jWCHQTLtncN_LYw63MsUmrkhY71leN&sig=Cg0ArKJSzCDuROXdadWIEAE&adurl=

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame ECE3 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 21:10:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECE3 107 KB
33 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H2

200

Auto5_Algemeen_Leaderboard_NL.jpg
img.folders.eu/ads/auto5/2020/01/ Frame ECE3
Redirect Chain

https://images.folders.eu/aws/ads/auto5/2020/01/Auto5_Algemeen_Leaderboard_NL.jpg
https://img.folders.eu/ads/auto5/2020/01/Auto5_Algemeen_Leaderboard_NL.jpg

14 KB
15 KB

20ms
20ms

Image
image/avif

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/ads/auto5/2020/01/Auto5_Algemeen_Leaderboard_NL.jpg

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7467ffe6b3325fef3c41bad78a26dcc2b3d977d8904a4c15a7ed11432bf0d3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: ba77491aea8eccb85b11f007319b70d8
x-gumlet-reqid: 6020c362671271cddd36eb86
age: 1787416
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.026
vary: accept
content-length: 14638
date: Mon, 08 Feb 2021 04:51:46 GMT
access-control-max-age: 1728000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: fTeUTTiL0DDSzRyuhh_P0qX-Y3xh8ndnCnCm803shYYzOQjxyWecSw==

Redirect headers

date: Sun, 28 Feb 2021 21:22:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://img.folders.eu/ads/auto5/2020/01/Auto5_Algemeen_Leaderboard_NL.jpg
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=15552000; preload
cf-ray: 628d32ddbc87536a-FRA
cf-request-id: 088c1e1e910000536a5d3d1000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3AA0 0
0 75ms
72ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQtrW46Ho8VntJnoefpS2R64Y3HGaB6tSSEArPKdt1uKWolNpMftdVIskBIc76ukSf15jLJf_SaARpTyLV17IJCTe_l6XyIxXje7c7AQYSZErfbEEEHazmpqSvjizwLf-SJK2LL-z3jhQsN21p2QaiKEAfoODOKRJmptTRFRJl2LMArKpY8uJR4ebHWroOFHWJFUelhFcV_RfaHBHlU5aJJKXs5G9NOST9MZoIl_eI90kyQE3B-i41PpF9rKvIBzaMNq7UJjZ6f-0_sFPt_JhtX0WT3J02fq3xkL_MV-9RowUYhWpj9rt2DsAkVGs&sai=AMfl-YQMQCAxX0DTTG58qGdhtQ-gKpkiL-bWC5RVA4Wu4YqDfERaneCtl-kjS8O-PThqIH9_-Hta_tZNZYYBFCKghC05fDYrzCnUBDdIgBtF3OqOUMnDiZ35X2vlB6yv48WJ&sig=Cg0ArKJSzAEbEkEyp9caEAE&adurl=

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 3AA0 3 KB
2 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 21:10:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AA0 107 KB
33 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 3AA0 0
0 44ms
29ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQc1iHbShG0DUWzGA2ZgRjrkIuPN3nDMA3lCH3d2YE-B9JJJ76FNppUIOIRPwD_X2IcQTFN
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

multi-bazar-algemeen-leaderboard.jpg
img.folders.eu/ads/multi-bazar/2019/36/ Frame 3AA0
Redirect Chain

https://images.folders.eu/aws/ads/multi-bazar/2019/36/multi-bazar-algemeen-leaderboard.jpg
https://img.folders.eu/ads/multi-bazar/2019/36/multi-bazar-algemeen-leaderboard.jpg

14 KB
14 KB

15ms
14ms

Image
image/avif

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/ads/multi-bazar/2019/36/multi-bazar-algemeen-leaderboard.jpg

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ffcec1f331426469fa60223394b085594d96298dc661ad51a2a45c45831ec94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: 3f77e0c3c77fc8bd573f129c57474b8a
x-gumlet-reqid: 60223f85e8c8948696af82ac
age: 1690101
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.029
vary: accept
content-length: 14070
date: Tue, 09 Feb 2021 07:53:41 GMT
access-control-max-age: 1728000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 15KqZchaFEKraTPnsqFXLk9h8nR-fgart4whgFVTXyvAUiondu99DA==

Redirect headers

date: Sun, 28 Feb 2021 21:22:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://img.folders.eu/ads/multi-bazar/2019/36/multi-bazar-algemeen-leaderboard.jpg
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=15552000; preload
cf-ray: 628d32ddbc89536a-FRA
cf-request-id: 088c1e1e920000536a6b1d0000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 473B 0
0 73ms
72ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXNv2kAwOGIebAl0WxyBc2ptWjl1D0fS1cUivSXExI9Efjl0nBVuG72UH7HU-7_RAfKsVSMVQLe3TKWMTnhTYNm12MazOJZA9Minvp4qngX-RMEYXxtOsks8mp7CHFt4mvfvfBMdRw_PCwifYDEbmqYTLyDHzsWt2WNJSzVpZPyhaChMMrWldXS97VLRNAAy9w4-WPIayN3m_96xC1_B8Yw1-cGlxlHR60w8ptT2ovJcx3EYT3Ft1a4oe3cyV67nyDvGw2hTIfa21_ntUXb0P93G7A7lgbivD9U-mw0UZDYmk2c0KeGFWS-tMOVtc&sai=AMfl-YTxjHQZjt1SAoDa8satkcdPx440pAFRdvzIeP7Exis2eHNF_FwpCRK3F3fX_XEYqrMaL4uCVKFOHa9_BRexrLK1O4miMNvPNtpxVh60Rd2D0IxHw2ugvShlj2y-DERw&sig=Cg0ArKJSzLc6IuFaKnHjEAE&adurl=

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 473B 3 KB
2 KB 29ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 21:10:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 473B 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H2

200

webshop_LB_NL.gif
img.folders.eu/ads/zelfbouwmarkt/2020/32/ Frame 473B
Redirect Chain

https://images.folders.eu/aws/ads/zelfbouwmarkt/2020/32/webshop_LB_NL.gif
https://img.folders.eu/ads/zelfbouwmarkt/2020/32/webshop_LB_NL.gif

33 KB
34 KB

14ms
14ms

Image
image/gif

2600:9000:2156:e000:1e:2c34:5d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.folders.eu/ads/zelfbouwmarkt/2020/32/webshop_LB_NL.gif

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e000:1e:2c34:5d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2959d09b8d9a85c5ab5df68e43bf1d97acf856164a1b908ef1d224a7fd42ed29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
etag: ac83227f3e0b5befb69feca8b9b2df71
x-gumlet-reqid: 6017f473c0e1d23f86300662
age: 2364679
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.015
vary: accept
content-length: 34220
date: Mon, 01 Feb 2021 12:30:43 GMT
access-control-max-age: 1728000
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: BeBYkwN7Ok2YJH110rsoIeRi6UX1LMXAUEcv6-r0-4RZNGA7Io7P0Q==

Redirect headers

date: Sun, 28 Feb 2021 21:22:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://img.folders.eu/ads/zelfbouwmarkt/2020/32/webshop_LB_NL.gif
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=15552000; preload
cf-ray: 628d32ddbc88536a-FRA
cf-request-id: 088c1e1e920000536a6b1cf000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 39ms
38ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=promobutler.be&host=www.promobutler.be&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE32 0
0 142ms
61ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpLU2eJKIlgcnqYLQLmDlA1GXcDoBpTb9p-aB9Dyi0qkIN6YkaigEYATlvEkBJlqi47Z92osMs6XNb5ub3wv3zo14b2wiRtMtQMyPTZ6sHsXlZJYPFc3uLnM5vMdb2MoPsvvZn8bVyfOxLfj3GOAoqzKwMrLZUmgRYFvrKAMRNQ1Kz5AgxRLWhi1QVA5AZSQ9vJhwP5pWlPvcP4ByD2SQPIYtl3Y8NRLDy8KNvem0GDPpRQqrN03RWiPGReKacqBtjlwAeeMgwavhjZaBCYqwQU_EIe24IKEQ60P1_e1FN-allalUtbflgC_1lK3VN-Iq7IpU2OOwJgQUsFzqjTJP58aPAECDOh3JJaskUI3IDTVTmTi-FY3-SjBWrzgV8DPzhH5k&sai=AMfl-YRiliqWbAFRQnlHU6CegOgrpc1gPUfUozdvNo3N9Upeppi4d0iYTK1xm41ix5r6iSZO73VZA20Jao0LDp3eG75qd7FRwymvIMQKypa_i7WpczBrCj2E_S9onZOuXL1R&sig=Cg0ArKJSzB1_CzZivV1sEAE&urlfix=1&adurl=

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EE32 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 20:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2175
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Feb 2022 20:45:47 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE32 107 KB
33 KB 66ms
66ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H2 200 recept_januari_728x90_PROMOBUTLER_NL.jpg
s0.2mdn.net/9149037/ Frame EE32 56 KB
56 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9149037/recept_januari_728x90_PROMOBUTLER_NL.jpg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d57b2d25394ff792583bf6a347879d73db78adc7f10e981e5dd0045fa39d592f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 17:51:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Jun 2020 11:02:17 GMT
server: sffe
age: 12633
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57270
x-xss-protection: 0
expires: Mon, 01 Mar 2021 17:51:29 GMT

GET
H2 200 container.html Show response
be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame BBFD 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.promobutler.be/nl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.promobutler.be/nl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 28 Feb 2021 21:21:58 GMT
expires: Mon, 28 Feb 2022 21:21:58 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 6DB6 185 KB
53 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 256512
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 6DB6 12 KB
5 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 256512
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 6DB6 87 KB
27 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 256512
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 6DB6 3 KB
1 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 256512
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 6DB6 40 KB
13 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 256512
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6DB6 3 KB
681 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 20:51:54 GMT
server: ESF
date: Sun, 28 Feb 2021 21:22:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
DATA 200
OK truncated
/ Frame 6DB6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0138d02f7fe6dfe1877a80aa98f27b58f66e386b488906f042e401a9f7ba0c02

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 nl_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6DB6 1 KB
1 KB 11ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/nl_bl.png

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5770fd63fcbb8add860088817d8381306795def673c8e753b445d409a6c01368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 06:04:41 GMT
x-content-type-options: nosniff
server: cafe
age: 55041
etag: 17208264828440836240
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1231
x-xss-protection: 0
expires: Mon, 01 Mar 2021 06:04:41 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6DB6 295 B
414 B 9ms
5ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 83097
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 28 Feb 2021 22:17:05 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6DB6 0
0 19ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1-PxLxtcgUzSQIiaAmg8Ktab4G0l1fvdVDReYpV05_-5S_PqZkPQ4mWglLLTmOjNvWxhi
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6DB6 0
0 71ms
67ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxwvLdgk8YL-VN7SMlQfR84c4p6LKrmCFv5G4sAuki4afoBoQASDgloQHYPWVzoHgBKABsNPT7gPIAQGpAh7P86NHQbQ-4AIAqAMByAMKqgTmAU_Q3lZsh338I0J-5W4ck_b24bns0wYYG9fGV9eZx5QcekWcCTYLI-SOJ9UlmKCjYRNhvd9CQwkY17yiTXh-SqSjQE8Dd2tWErdvgN007LJUyu-DjdmxfwfoDc0jHRO_uHTbRLI6vHwQ1Lk8xMmrSo65FAz34f5cAb09-elz14X76h9zVrjw9tpeu2MCjbu8oRDuEYUDDOKL8XZbJipyxuqNMtP_oGOc_vfdmJkDbs-OeB1paOHEaO_fxqNA4hJ4sYBrWzmOorNc37a4XrKwRpS7PxMpnVw_ySCp3bt1xbJ_s2MR3lK8wATLpoyU-QLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHuKysEagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHAxCIStIICQiA4YBAEAEYHYAKAcgLAdgTDYgUA7IXGgoYCAASFHB1Yi01NDEwNDg0OTM5MDM2Nzc3&sigh=TF_5T9je5cY&tpd=AGWhJmskMzMNMP-2nsGvsgfEx5ctIsQP32SOkXWd6Jv9wmMVJw
Requested by: Host: www.promobutler.be
URL: https://www.promobutler.be/nl/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 59ms
31ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de1cd1fbcadb11fa5a9efe08dc516b8644a1a855b329d0ff13844265932849f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6509
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ECE3 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ec99dce484fd38d9f3d3128a3b7c666cfa8d95d87a9405d5d32eaa3471a366

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3AA0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d51fc4efb5452ca0c74540b1787de710609f5c64a03452e1a22f5d72bfa9ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6DB6 14 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.promobutler.be
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:32:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 139788
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:32:14 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6DB6 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.promobutler.be
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 21068
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:54 GMT

GET
DATA 200
OK truncated
/ Frame 473B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e99709dfe8ae2f815bd50bd4817978c4e869d881372ffe40922cdc491e891da6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D70C 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.promobutler.be/nl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.promobutler.be/nl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 28 Feb 2021 20:45:58 GMT
expires: Mon, 28 Feb 2022 20:45:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2164
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EE32 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d901da313d567e00fa3074fc945a95524d99370354389e7a56aa68882b2ea502

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 473B 0
0 104ms
72ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuccDebq6tF-JAX5U2hyR8g0jxiM1yvbfHy6-Dt5MZI32HsdZM4RXt7i3PnZoQXivWC9Yojl_RLSsfsYS_hjYaIJqDvTbY-rf0ofECyJTCAx5uuoWN2C9s2AIqIhJ3HcSHpo-g5DRfl7IGv-BoqjhSFD-o157tgvXSHz8DO3gRABQwESfuDEBWu7R3mNbWCz7cHYnlfdjvvIpZI0AwTAk-LORA2AJ8F7LlBgv7jB1GFTDSR0g9rl_n9OeEDImkv_3Vwab-7s6MkaMokdBR4TmIoLObWa1-nvFjBFcaHIM2XyhdhNwEugbG_BwQ-wIobOg&sai=AMfl-YQ5vjGgYSmfGEhHeX6DN_ASDzfESRCb6J1Aa8-O7oQFwRfcU-KNE2KayKlkXvnHxOvPhYbG-zEV9aeqKbzAKDQiUzets0gEMHD99CJ0QmVWQC9OfuRpReEQXROd_Ybq&sig=Cg0ArKJSzGTT9VJa5DlbEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame EE32 0
0 59ms
58ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKJpOhFuihSdZFPBJJVyWz7y2oTVrJWIorTVQ02nGjG9Xklpqd-4s1u8rfm3g6idVOhHPmSZUD9y_Fm7KHup6AO5urQYuPc1ZgT_7G19uXC5di83Lc824Rt6-gJswG69Cpp7G9HQlLGYgkQCcLTLhYpy4ifqPP-Wk5qgLNJkT8FABbXCNmYkdj4AN4cA53rrzLSH9nQyP1Th4QuL1NACqqPQRnlQ7SaFVmr1thbPaAD60NnF6uKKJPq__HDkj02v3KNu5cicng3Xt748jFqX6Y7LFzkK_k7ETOHIGTZQffmnmojTnOUYeaRz3PiE793Q&sai=AMfl-YQSnBTqg-HlxjQsfVISVsZz6u25yiIpLqTCSNUMctYPjniqewzzBeCg_IS-OVK3kipJWkYueIttxGa6DPbzpBmLdwSgIzwtoDQt_KO0p70_eGrw9g83dqUjtfuAuYvA&sig=Cg0ArKJSzIKV6aj3QxMcEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:02 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8282 510 B
314 B 17ms
16ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w

Requested by

Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn0E_wr6Ude7OXgB2nX3yytLL6X9n8u18lDaqDiOEM_XRou8X30pHxMiKoYT4Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 28 Feb 2021 21:22:03 GMT
server: cafe
cache-control: private
content-length: 236
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BBFD 23 KB
11 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeRCxaeF6ZgHOIYF3ttIAiNnOXNchAaODGF0JLFtd0mGRDJR4xxptsJzvcTS2YClgq9wxiDZLl2AnRDBm8D3dkp5ko8NowWFLEifnQd-9QBraQW8d4KNctEtoorzOY7MPU03x4E809hHvo_wZehg1gAqte0w&cry=1&dbm_d=AKAmf-BAaH-f6OiktsbM46lfF_0nHjw09gRsJm3MO_KjB_ZwbDrs21T1OYips2wORtKCZkWnnGQECEzCfoS87CaXDeweucv2s6QebBZYFartrBHlwBinwkyHI0lQLptbRwc4GbPGh4sYjbTM67P9LD-gYUNV4l3pIMaF5EZQR1LTzY2_WJZ7o_tuMFSBReOfCgScscY5pi78EeCz5FjVv252GYOKl-z0kQ5p7KWIxMSEV3Fn6W-hfrwRx5juXEo58RfgQOKEpmNOP9aT-HXqdp4SFktr8VS2vTs6ZEWPtLHJCWiTvfBW70j5KEvsq2XYyCrJZ0apRIozHAYrmCF5ug1hp2RaYFeLfvU0peDeyyLIRlGY9sQMxwYGsyLSA7LRYx_q7eU04WEcOktnSvxlyOGyxzzQHeuJIcLZEFdvUTPIrPR2OpW_ArpgINe9q5XTPWeFzoJ8JeehD1okYXtbi0z5qlP5cTVhdait2QmXcVPFvPU6ucdSJRdX7Kiu9Z30Ztlxk2Mvobe9f560ZBCwxrktDKzx_diCqm8dLOK0LTvLiUtTrRmhyytTYKDhZb_CK91I9StthHBbB5qaq4XkR8La_MKgH0a65K_UMoM-l8LqMDFrf8foLVx-jwwv0CD3P8BFslAtIgjk2INUHr5SjpPAf11OvkMonGVq0uStCkYPLxtypQ0AewPPghrah5RWcIexKCd6E3rk8OqzKmuZTgY7_R7dG5xMjwL4XKBPjmPgT_J1_HtrdEOlkMij_WqyNmiM78WZKPKXL4ueFh3us_sCTil5JOLSOmjwTvF_U15VC5tq_QDhDc50gb1c74GVMgQi6vvHmyW6OLkUleEvALAnv19HG9bBDwxwvVa79XdfCgBFSTU8Wug32WFcnp91dk9bMBYof-hKC9ZZnNXaIKk7evxyOeaBZW0GZs36IHN_WYdThEoyKJ5q3nN4fqyCHP_kTS5PUgIiRfFait0gCuTDlT3xIgE8I2XGX_waRSDM52X15ttAbt7VhLkxC5Xl31FXN57ZdJByoJlgM35zJTo5wsYPqlH6TREms0MlglbuZz8F1hjO4g8scCNohLA6mmrpiA7DM5KTThRyTkpy3GYuqcZvGH_AkRcm9MuwUcHKssVT-dPS08my0Ba3o0LqvXnAwhRfuiho__ejY0Y6pOI4ITYZBTZn6LLRibM049IOSq1VKpOMYyfOu-8QgS_1ihuUSBdupwEIsG2KvO_oAldPsq-ruU9KgAKW42dG00rR8vPKCL1ruGzRnZW4zqKROeWHYobnWgQO1H5Cjs3BkbIm_b_-rz5n-VQhF0e5rq_HOHezT0EkRnB_KVlE-X18QiTmO9a8tQzvVE01d83EkUzUiVfMOyhayygDpQWEK9kT5V1sI96QBLL8THYb3l0Whja43pE-edVAcF0e2podbY6p2WbKbjZ0a-Qk-zdhLyXiqjj0Oki4_LueXbEtdBZ24XNLJARXtfbtl2aYn8_B9ey7ACrbXgbuxa7cC_P4S7-5bpuRlrzDDsbT6mXZdrEbgjXxMHnra0yO0XI7PtCEUOt-yBUAvlYzUpHzis0EMXucVAj7BGhHSwODAvDFAighw2G4WmlxRZQ-j6c9pDu6wSC_35eIyQrTjrC3PW_gUvLtBiqxKPP8j4YBlkTKIwjPIVf9xgaQGMmznJaHqYsoSHBZhZcl5HVLnI5bTyv4ZtNyeW12-WzvctGfnajmvhLikBmZj-8UXBHHX3vjiAOchhhIOIviQCROYaSFRK1RuWbQCS1cphBvUDkLjHGRvCtl07ax500y4yOMrMRJa-k08YB8GS9mOE0cvs5yzda-VvqV_4VWZTrTL2fxfPktGsRTRZPcLyyKLwg1qmiSFa1iFnYBWjyGB9NN_dbSAslVED3GOXAIFZx2uCXPBUjeymCI2OEc4ERN98wBWbRhfzQyY6hujinUJBmqNxO4xUFSFk24464k4Ke9tKS4XH_8lVpSpWbTJYuLGIeFzjrV9A0oQ13cT53i6HFFbUX0ZxdhVsLI62uU7uTwENC1H7tlL8tI-i8y8fhNoKilILN0-QsnuI21a3yr-am3-0OnlOj6a9W3Ki0qkb29OF41ZugO1IaaEKvVa8Ma0SsK36rOUktJgjLfzCZ6zAhpqbHxSKGm9ARQUyqqmvJ74YZFdoYtArdM4toP41Jb1pK4nIHlpYFaAmts4UlLr-4JwPyfjHRoFD5JiV3GEJmDPKvPfucBUGOgcWCp_sEBkpscasPjFbDpkgpfEuNCcCtP5TYcBgFVivwIJ_Gc93enXB98kTxFB9IT2reIXKYIEOaHVpJ8Mc3cVnIn2yLTUEp6aQF-PpM-jyDF0_vrP9PFvMn5sMtMjWqSdKQvImBZENUYhRHtEkPJjEGxguYn0jzGvANDMWuVw-ORjYq9x0Qpr3eR2PhaLKPNMFL6UZCYeYBXcctNPbeYwVGaDO7lphmNo3zqNMIRfpiibFKB1QP_x1tl8nSCEJ3AsppMxRxq8IA1rbXu70J5k7wJj8op2eIuYso1w9QLKR11X68ZLksQ4VgpkNaiHfIVjYu7PoDieryBnVKMa9-xIIFNaVYWUyvCP1nV6KY8p22_o15C7ANv0m4drjHmqjdcdglo8Vo8xkCNJQDeObb9F3tmX2eOm_19l0vxw3LkVIpKB5tAsAfP7sQ0CBxquZYwMhqsNy8INhBuVptAi2Y6j1Vk087rKTD9lnClEvY9wwZn6BbXzh3pU7TyNneZnVaV1fNuEXCkNLZqG5d4jtsn9ptyRLaq6hb0jfemJuY3OJPcm4Fwdhvv6Atw0-ureR8-5kd6Th4XLVnlLWd0__0w5QjbpWW0Z_ZU3tw3Yo8eYx4WJqo5WBhctydHbH3q5L-lzQiW8jR0SSUkQqTBZsZon5UVNTPDEj6nfTRLMSmZaJLfm5tEEcYI1_YGE_kxPf8RKa_Y7wND5B47UBvfYqKZUnXfx6B6TZdL2ItlCrKwiUkA9GGKqmBk52M1pRF5ACa4iKVDBOue-laUP3aS8RVsj52rBoSjFZ3VEcXB8L-HamfpXuv_xDzEV80YHb_aHBkj9NcWHOwVJ0REOrA923RxpeeY8x4SExkFEJeTJJzX6Tiakeq0gy_vmMelLLnta0Kxf1LtBcvdoDLeA4gTZoUZ5FZXkEpdO6mmfxysDRssJyQiCKps4RLLZN2_PXfYTPXYW1UHjgEyAjKzXHwk-s_u_1SuE0bAfn0SzIotLSPKilmneQOK90oixvpI_C9wHOHtEmGUT1lOqT17fSd-8J-ZlotqUWBD1LgklQ&cid=CAASPeRo0MITvpASJs7O1fI9MWyT8wRv-42xf6Dy_tqxgJg0TbOYJzDtBs8fK7jtOWd1s7mYkBGseXdjyUDNqI8&rfl=1%2Chttps%253A%252F%252Fwww.promobutler.be%252Fnl%252F%240

Requested by

Host: www.promobutler.be
URL: https://www.promobutler.be/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0669e5307771f620b7b3336ba8a8332b44e1dac27ea5106266bdf3d919075cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11522
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BBFD 42 B
476 B 66ms
52ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjW_opiNKnfq8l3OQpvL4MRm7xdhpMASpBc9gjiRh1dzxwtItQnxDxwGBJ5gwWs3LP6uC7-iY04TV4fI2dZh03Oe1QQ2mu1DAIkLCUpRkSnytd8ss

Requested by

Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame BBFD 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 21:10:23 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBFD 107 KB
33 KB 60ms
59ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:03 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame BBFD 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 21:17:52 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame BBFD 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGL3xRmXNqlcv-Iqa1mGyGVLw0OCqQ8_CgvvMXaWFszntmEwPUybOp7ZtMYxemBHUmMiuv
Requested by: Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3AA0 0
0 61ms
60ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLCkR73OgPLBpvZqUQmEoMZAK6p3_s3QUETwAWoVT1rkCLGpJAOskTKiHbpeRf_JCGE2afnFCXJgYndQQGliIidZDsyOzV8MiSpKEx1JY4qw9CqZQmAXrFy99RJsbUR7j-Th2WZLkcJqxAL7V9Y7m6g-gnAf6seprKlsIBo5c45x_mTcQUfIA9s_TE_9AprylNa1AFfbKwO91ABry_J7vVFn-7h4-CtPPz3JiBz7yp8JEGN4hiZ7wLkpDmedHuJpB_eWCsCUGeh_6dMUuCl7XBLlIlVveV9hcX569rqkYnuWDBm3fZ8cEaFnWMaQxmMQ&sai=AMfl-YTbvG6Gm4xqWlFTrgixotzL-dEis6acusWZTuKq2PlQoYzX1aWDVOGAvw4QniSqmQl_WCX5l86auvg8xhuWh2x_R-rzO-5z6UgGn_jE6F9eFz4zKCKxKQg68FOl-jY1&sig=Cg0ArKJSzMY66tm6tp1oEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:03 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame ECE3 0
0 60ms
60ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttrX2ELCjYQbaIdjOq-hQPzr_PUG2_5xR_6KBELpdOYqsgpb4kXYhW3ntvrYHsH-V_5YCF1pqTT_AoG243tEeT-szbiHk1WWFyBz_bFpoucr-qNZHOmaPfXClHTThkMhB4poAFgnWGqWhExQEFYbvmL5VF3Abufzb4Wzsj5ucpwzKeeTWYRr3kf-HyXbbzo0Acs4ZqypesfCYgY0JlIHS9crZIois37GPHkQHnet7YVQr7faVWSjbYaY4UnW04QsxTAG-spydXR04AtdjkBb1p_h7yqlnetlaLganb96R2PKQhJ-lcd1t6w3651Ye57Q&sai=AMfl-YStH0yMUd7d5qhQBAi6M6EJIKGK5R6t1tIzMwhzrsvewTE2Agehfq6T9pmAOrcgml9G4mBLJwDsZBnujqF_-BlbsoRdPxkgaLF4j_dCtxDdnCo9-XVKk9D_UmQGs6q4&sig=Cg0ArKJSzKkSD0YotRQaEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 21:22:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Feb 2021 21:22:03 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6DB6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

61ms
47ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 28 Feb 2021 21:22:03 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 nl_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6DB6 1 KB
1 KB 6ms
5ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/nl_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5770fd63fcbb8add860088817d8381306795def673c8e753b445d409a6c01368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 06:04:41 GMT
x-content-type-options: nosniff
server: cafe
age: 55042
etag: 17208264828440836240
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1231
x-xss-protection: 0
expires: Mon, 01 Mar 2021 06:04:41 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6DB6 295 B
325 B 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 83098
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 28 Feb 2021 22:17:05 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame CEC4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.promobutler.be/nl/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.promobutler.be/nl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 21:17:25 GMT
expires: Mon, 28 Feb 2022 21:17:25 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 278
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame BBFD 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CeRCxaeF6ZgHOIYF3ttIAiNnOXNchAaODGF0JLFtd0mGRDJR4xxptsJzvcTS2YClgq9wxiDZLl2AnRDBm8D3dkp5ko8NowWFLEifnQd-9QBraQW8d4KNctEtoorzOY7MPU03x4E809hHvo_wZehg1gAqte0w&cry=1&dbm_d=AKAmf-BAaH-f6OiktsbM46lfF_0nHjw09gRsJm3MO_KjB_ZwbDrs21T1OYips2wORtKCZkWnnGQECEzCfoS87CaXDeweucv2s6QebBZYFartrBHlwBinwkyHI0lQLptbRwc4GbPGh4sYjbTM67P9LD-gYUNV4l3pIMaF5EZQR1LTzY2_WJZ7o_tuMFSBReOfCgScscY5pi78EeCz5FjVv252GYOKl-z0kQ5p7KWIxMSEV3Fn6W-hfrwRx5juXEo58RfgQOKEpmNOP9aT-HXqdp4SFktr8VS2vTs6ZEWPtLHJCWiTvfBW70j5KEvsq2XYyCrJZ0apRIozHAYrmCF5ug1hp2RaYFeLfvU0peDeyyLIRlGY9sQMxwYGsyLSA7LRYx_q7eU04WEcOktnSvxlyOGyxzzQHeuJIcLZEFdvUTPIrPR2OpW_ArpgINe9q5XTPWeFzoJ8JeehD1okYXtbi0z5qlP5cTVhdait2QmXcVPFvPU6ucdSJRdX7Kiu9Z30Ztlxk2Mvobe9f560ZBCwxrktDKzx_diCqm8dLOK0LTvLiUtTrRmhyytTYKDhZb_CK91I9StthHBbB5qaq4XkR8La_MKgH0a65K_UMoM-l8LqMDFrf8foLVx-jwwv0CD3P8BFslAtIgjk2INUHr5SjpPAf11OvkMonGVq0uStCkYPLxtypQ0AewPPghrah5RWcIexKCd6E3rk8OqzKmuZTgY7_R7dG5xMjwL4XKBPjmPgT_J1_HtrdEOlkMij_WqyNmiM78WZKPKXL4ueFh3us_sCTil5JOLSOmjwTvF_U15VC5tq_QDhDc50gb1c74GVMgQi6vvHmyW6OLkUleEvALAnv19HG9bBDwxwvVa79XdfCgBFSTU8Wug32WFcnp91dk9bMBYof-hKC9ZZnNXaIKk7evxyOeaBZW0GZs36IHN_WYdThEoyKJ5q3nN4fqyCHP_kTS5PUgIiRfFait0gCuTDlT3xIgE8I2XGX_waRSDM52X15ttAbt7VhLkxC5Xl31FXN57ZdJByoJlgM35zJTo5wsYPqlH6TREms0MlglbuZz8F1hjO4g8scCNohLA6mmrpiA7DM5KTThRyTkpy3GYuqcZvGH_AkRcm9MuwUcHKssVT-dPS08my0Ba3o0LqvXnAwhRfuiho__ejY0Y6pOI4ITYZBTZn6LLRibM049IOSq1VKpOMYyfOu-8QgS_1ihuUSBdupwEIsG2KvO_oAldPsq-ruU9KgAKW42dG00rR8vPKCL1ruGzRnZW4zqKROeWHYobnWgQO1H5Cjs3BkbIm_b_-rz5n-VQhF0e5rq_HOHezT0EkRnB_KVlE-X18QiTmO9a8tQzvVE01d83EkUzUiVfMOyhayygDpQWEK9kT5V1sI96QBLL8THYb3l0Whja43pE-edVAcF0e2podbY6p2WbKbjZ0a-Qk-zdhLyXiqjj0Oki4_LueXbEtdBZ24XNLJARXtfbtl2aYn8_B9ey7ACrbXgbuxa7cC_P4S7-5bpuRlrzDDsbT6mXZdrEbgjXxMHnra0yO0XI7PtCEUOt-yBUAvlYzUpHzis0EMXucVAj7BGhHSwODAvDFAighw2G4WmlxRZQ-j6c9pDu6wSC_35eIyQrTjrC3PW_gUvLtBiqxKPP8j4YBlkTKIwjPIVf9xgaQGMmznJaHqYsoSHBZhZcl5HVLnI5bTyv4ZtNyeW12-WzvctGfnajmvhLikBmZj-8UXBHHX3vjiAOchhhIOIviQCROYaSFRK1RuWbQCS1cphBvUDkLjHGRvCtl07ax500y4yOMrMRJa-k08YB8GS9mOE0cvs5yzda-VvqV_4VWZTrTL2fxfPktGsRTRZPcLyyKLwg1qmiSFa1iFnYBWjyGB9NN_dbSAslVED3GOXAIFZx2uCXPBUjeymCI2OEc4ERN98wBWbRhfzQyY6hujinUJBmqNxO4xUFSFk24464k4Ke9tKS4XH_8lVpSpWbTJYuLGIeFzjrV9A0oQ13cT53i6HFFbUX0ZxdhVsLI62uU7uTwENC1H7tlL8tI-i8y8fhNoKilILN0-QsnuI21a3yr-am3-0OnlOj6a9W3Ki0qkb29OF41ZugO1IaaEKvVa8Ma0SsK36rOUktJgjLfzCZ6zAhpqbHxSKGm9ARQUyqqmvJ74YZFdoYtArdM4toP41Jb1pK4nIHlpYFaAmts4UlLr-4JwPyfjHRoFD5JiV3GEJmDPKvPfucBUGOgcWCp_sEBkpscasPjFbDpkgpfEuNCcCtP5TYcBgFVivwIJ_Gc93enXB98kTxFB9IT2reIXKYIEOaHVpJ8Mc3cVnIn2yLTUEp6aQF-PpM-jyDF0_vrP9PFvMn5sMtMjWqSdKQvImBZENUYhRHtEkPJjEGxguYn0jzGvANDMWuVw-ORjYq9x0Qpr3eR2PhaLKPNMFL6UZCYeYBXcctNPbeYwVGaDO7lphmNo3zqNMIRfpiibFKB1QP_x1tl8nSCEJ3AsppMxRxq8IA1rbXu70J5k7wJj8op2eIuYso1w9QLKR11X68ZLksQ4VgpkNaiHfIVjYu7PoDieryBnVKMa9-xIIFNaVYWUyvCP1nV6KY8p22_o15C7ANv0m4drjHmqjdcdglo8Vo8xkCNJQDeObb9F3tmX2eOm_19l0vxw3LkVIpKB5tAsAfP7sQ0CBxquZYwMhqsNy8INhBuVptAi2Y6j1Vk087rKTD9lnClEvY9wwZn6BbXzh3pU7TyNneZnVaV1fNuEXCkNLZqG5d4jtsn9ptyRLaq6hb0jfemJuY3OJPcm4Fwdhvv6Atw0-ureR8-5kd6Th4XLVnlLWd0__0w5QjbpWW0Z_ZU3tw3Yo8eYx4WJqo5WBhctydHbH3q5L-lzQiW8jR0SSUkQqTBZsZon5UVNTPDEj6nfTRLMSmZaJLfm5tEEcYI1_YGE_kxPf8RKa_Y7wND5B47UBvfYqKZUnXfx6B6TZdL2ItlCrKwiUkA9GGKqmBk52M1pRF5ACa4iKVDBOue-laUP3aS8RVsj52rBoSjFZ3VEcXB8L-HamfpXuv_xDzEV80YHb_aHBkj9NcWHOwVJ0REOrA923RxpeeY8x4SExkFEJeTJJzX6Tiakeq0gy_vmMelLLnta0Kxf1LtBcvdoDLeA4gTZoUZ5FZXkEpdO6mmfxysDRssJyQiCKps4RLLZN2_PXfYTPXYW1UHjgEyAjKzXHwk-s_u_1SuE0bAfn0SzIotLSPKilmneQOK90oixvpI_C9wHOHtEmGUT1lOqT17fSd-8J-ZlotqUWBD1LgklQ&cid=CAASPeRo0MITvpASJs7O1fI9MWyT8wRv-42xf6Dy_tqxgJg0TbOYJzDtBs8fK7jtOWd1s7mYkBGseXdjyUDNqI8&rfl=1%2Chttps%253A%252F%252Fwww.promobutler.be%252Fnl%252F%240

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dbc2526d42c42178733234e636c3b6846d8e8ace65a3320fe894c4b91b95067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8955
x-xss-protection: 0
server: cafe
etag: 757621948609918151
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 21:16:58 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BBFD 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 20:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2176
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Feb 2022 20:45:47 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 8282 170 B
317 B 42ms
39ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8282
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1&C=1

43 B
894 B

50ms
50ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 21:22:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Feb 2021 21:22:03 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 21:22:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 28 Feb 2021 21:22:03 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8282
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YDwJe0T7ZxWSUHvpDaxxdAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1

43 B
1014 B

44ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYjP_gOjAB&v=APEucNWWVJTa0DjxZVckhFBXj-mtU5rqg7Z_AwPtom3Yo_eiOEJxV1euggp3yMHnVaL6vm5Dl6xSJBAl6BivMM_FKUuHj1dc_w
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 21:22:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Feb 2021 21:22:03 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2zMOatYcrZ7Qo29jYbRoQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js Show response
pagead2.googlesyndication.com/bg/ Frame D70C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 11:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 121633
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6189
x-xss-protection: 0
expires: Sun, 27 Feb 2022 11:34:50 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5515 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 28 Feb 2021 20:45:58 GMT
expires: Mon, 28 Feb 2022 20:45:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2165
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK jaca9pdc7b7l Show response
hal9000.redintelligence.net/zone/ Frame BBFD 11 KB
4 KB 133ms
45ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jaca9pdc7b7l?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGn-wdgk8YL2VN7SMlQfR84c45LSqg1eXyqj_rgfwLhABIOCWhAdg9ZXOgeAEyAEJqQIez_OjR0G0PqgDAaoE1gFP0BIZOZ-xYIUiHUpxnQYir2Tu_fqEuT442jjOJ1DDR0W8MTsUS54Rg8wawkQ4hBQ_bNgR1nOMG0sDAPNbXmvhcxJGgk_QEbl8P9gDb-e9utWsOXH0so90vAcA_4vYBzg3QYFr4BGdm85YkKZYN9bonVlCbeOVjps2r6yR7fUx41T3dB4aSwD5hHRaThhzOJzUFpK_lelbtXazeQ5hlkvan3N9lT0R_Q-mgS59CBwao0p2SwO-w0RWA79zrg5A9n7mlN3lOcdrL_1ITmfijpu-WNa_sr-zwATllN_RzgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgGYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo0MITvpASJs7O1fI9MWyT8wRv-42xf6Dy_tqxgJg0TbOYJzDtBs8fK7jtOWd1s7mYkBGseXdjyUDNqI8%26sig%3DAOD64_2g-Tja_e6sjTx-01sfCop8rd6thA%26client%3Dca-pub-5410484939036777%26dbm_c%3DAKAmf-CxbUgm3hyV4hkMOr2GDrCtogKPcaJz3-DKTHIJ8W20t2bu7Cr-NsVwD5Gk2hlhPlMAUKb38gPFngEniALcD9npFDoNKiiSfIw146qQvT5QW6GWLAn2iS4xuistLPsZpLZDxMpmfoqGwj51uGnbWSHit4f7zA%26cry%3D1%26dbm_d%3DAKAmf-CYQ7fjk9eluZwR-bdbQtTR3StuzO9GM1xex6Eoc2h8f7mQLss83duem0cpVzdM0mGwZhUiY2AdFD0DA1i6XXRHDwoCidYJJtK7rj-Ugzev_Gi6eQqL2JVKb0NqTCcOEMsktZedu63t0BcQdPsxsKYy7GFtVBA4e6UL37iHXRcV9H9fGEqDRXhCfkfXk-AHYL9BSRKIYAEX97rmowrEWGxbEITwSBtZEVlymyafuIKatU_exomNYd__78eM8DmSwiRpKxTGPIkhpZCAPLRA4kthn7975ZoPWzqChjPTjiJtPtB6CmtAZFgOpkcrf3agI9VYm0clh_e95pxu_O-7ezfz4RtBPDaMmnbE87DC6xYLeLtXDRAzL0jdwBmaDbuN0Dzenvi2hIPjH9xZvVcXSpLfQsYXwRELOdYxVenNqHu6QZ1hxy61hJwsmGnreRkzRE5XfjdQ%26adurl%3D
Requested by: Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 07f61ce0912f8dc886fdf24c4c00e468caf0255a6aeaef7363cabc387048ed5f

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 21:22:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3893
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame CEC4 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 20:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 2174
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Mon, 28 Feb 2022 20:45:49 GMT

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5515 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 20:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 2174
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Mon, 28 Feb 2022 20:45:49 GMT

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame BBFD
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=0ce0d68e4b&subid=&uid=3b8165fa888d2e84&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=0ce0d68e4b&subid=&uid=3b8165fa888d2e84&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
936 B

215ms
110ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=0ce0d68e4b&subid=&uid=3b8165fa888d2e84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGn-wdgk8YL2VN7SMlQfR84c45LSqg1eXyqj_rgfwLhABIOCWhAdg9ZXOgeAEyAEJqQIez_OjR0G0PqgDAaoE1gFP0BIZOZ-xYIUiHUpxnQYir2Tu_fqEuT442jjOJ1DDR0W8MTsUS54Rg8wawkQ4hBQ_bNgR1nOMG0sDAPNbXmvhcxJGgk_QEbl8P9gDb-e9utWsOXH0so90vAcA_4vYBzg3QYFr4BGdm85YkKZYN9bonVlCbeOVjps2r6yR7fUx41T3dB4aSwD5hHRaThhzOJzUFpK_lelbtXazeQ5hlkvan3N9lT0R_Q-mgS59CBwao0p2SwO-w0RWA79zrg5A9n7mlN3lOcdrL_1ITmfijpu-WNa_sr-zwATllN_RzgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgGYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo0MITvpASJs7O1fI9MWyT8wRv-42xf6Dy_tqxgJg0TbOYJzDtBs8fK7jtOWd1s7mYkBGseXdjyUDNqI8%26sig%3DAOD64_2g-Tja_e6sjTx-01sfCop8rd6thA%26client%3Dca-pub-5410484939036777%26dbm_c%3DAKAmf-CxbUgm3hyV4hkMOr2GDrCtogKPcaJz3-DKTHIJ8W20t2bu7Cr-NsVwD5Gk2hlhPlMAUKb38gPFngEniALcD9npFDoNKiiSfIw146qQvT5QW6GWLAn2iS4xuistLPsZpLZDxMpmfoqGwj51uGnbWSHit4f7zA%26cry%3D1%26dbm_d%3DAKAmf-CYQ7fjk9eluZwR-bdbQtTR3StuzO9GM1xex6Eoc2h8f7mQLss83duem0cpVzdM0mGwZhUiY2AdFD0DA1i6XXRHDwoCidYJJtK7rj-Ugzev_Gi6eQqL2JVKb0NqTCcOEMsktZedu63t0BcQdPsxsKYy7GFtVBA4e6UL37iHXRcV9H9fGEqDRXhCfkfXk-AHYL9BSRKIYAEX97rmowrEWGxbEITwSBtZEVlymyafuIKatU_exomNYd__78eM8DmSwiRpKxTGPIkhpZCAPLRA4kthn7975ZoPWzqChjPTjiJtPtB6CmtAZFgOpkcrf3agI9VYm0clh_e95pxu_O-7ezfz4RtBPDaMmnbE87DC6xYLeLtXDRAzL0jdwBmaDbuN0Dzenvi2hIPjH9xZvVcXSpLfQsYXwRELOdYxVenNqHu6QZ1hxy61hJwsmGnreRkzRE5XfjdQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ancestorOrigins=https%3A%2F%2Fwww.promobutler.be&random=1124442612442&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9f16fbe5d15bf81b2f4712411cd640e6b8e5b351cfde272e4005eeece888bbea

Request headers

Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 21:22:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 13409400214475500710152011519025
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Sun, 28 Feb 2021 21:22:03 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 21:22:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=0ce0d68e4b&subid=&uid=3b8165fa888d2e84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGn-wdgk8YL2VN7SMlQfR84c45LSqg1eXyqj_rgfwLhABIOCWhAdg9ZXOgeAEyAEJqQIez_OjR0G0PqgDAaoE1gFP0BIZOZ-xYIUiHUpxnQYir2Tu_fqEuT442jjOJ1DDR0W8MTsUS54Rg8wawkQ4hBQ_bNgR1nOMG0sDAPNbXmvhcxJGgk_QEbl8P9gDb-e9utWsOXH0so90vAcA_4vYBzg3QYFr4BGdm85YkKZYN9bonVlCbeOVjps2r6yR7fUx41T3dB4aSwD5hHRaThhzOJzUFpK_lelbtXazeQ5hlkvan3N9lT0R_Q-mgS59CBwao0p2SwO-w0RWA79zrg5A9n7mlN3lOcdrL_1ITmfijpu-WNa_sr-zwATllN_RzgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgGYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo0MITvpASJs7O1fI9MWyT8wRv-42xf6Dy_tqxgJg0TbOYJzDtBs8fK7jtOWd1s7mYkBGseXdjyUDNqI8%26sig%3DAOD64_2g-Tja_e6sjTx-01sfCop8rd6thA%26client%3Dca-pub-5410484939036777%26dbm_c%3DAKAmf-CxbUgm3hyV4hkMOr2GDrCtogKPcaJz3-DKTHIJ8W20t2bu7Cr-NsVwD5Gk2hlhPlMAUKb38gPFngEniALcD9npFDoNKiiSfIw146qQvT5QW6GWLAn2iS4xuistLPsZpLZDxMpmfoqGwj51uGnbWSHit4f7zA%26cry%3D1%26dbm_d%3DAKAmf-CYQ7fjk9eluZwR-bdbQtTR3StuzO9GM1xex6Eoc2h8f7mQLss83duem0cpVzdM0mGwZhUiY2AdFD0DA1i6XXRHDwoCidYJJtK7rj-Ugzev_Gi6eQqL2JVKb0NqTCcOEMsktZedu63t0BcQdPsxsKYy7GFtVBA4e6UL37iHXRcV9H9fGEqDRXhCfkfXk-AHYL9BSRKIYAEX97rmowrEWGxbEITwSBtZEVlymyafuIKatU_exomNYd__78eM8DmSwiRpKxTGPIkhpZCAPLRA4kthn7975ZoPWzqChjPTjiJtPtB6CmtAZFgOpkcrf3agI9VYm0clh_e95pxu_O-7ezfz4RtBPDaMmnbE87DC6xYLeLtXDRAzL0jdwBmaDbuN0Dzenvi2hIPjH9xZvVcXSpLfQsYXwRELOdYxVenNqHu6QZ1hxy61hJwsmGnreRkzRE5XfjdQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ancestorOrigins=https%3A%2F%2Fwww.promobutler.be&random=1124442612442&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 28 Feb 2021 21:22:03 +0100

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=1566656085633449&bg=!39yl3J_NAAXB_3NtwTsAKQB2-Dxah0ZKihU68hrYZKZCRnK8e5fNmS8BKdvP8yuhbuz-EUGXDJ90AgAAAOJSAAAAH2gBBwoBHJJQeTAg6EOjcNx5dL77BjG4uynCI4K7NThR3lXCSawPK6584v5JPQ8wTnNXzh4yGFtenyRpzFO13YudcdquRdEZEwJg8Wn4Ufl8kILR3nQnQd_gvU2Hw2d08Zhoxj60RcbFFq0VDFXHnPxd-3GsZNLtqd50GKNxgxvwrnb2u4BZzMkBWTLU-lm8bwnHQpowF3KQIYdI1HuwUfd8BQo0TBYOaKSxsh-I5h0PbFm9x3vzWBGcA480F-lhqwfhjFQGYw54mqdwJjLYPP4uEAsZOdWff-FYhGIzDSEqx2LGhehnOMiQBuD4GIIC0jW1fj1DKkFyOQaElrdZSFKmJ-2s1EEzfJ4BsQqEQFXnF7tDIli9Gqdh3zZ4-ZUQWi98mQHRBEerfPmDburOjAlCDtfwGOCJe9luk2bMbPY3IzoFyOzyukc6IO2GkHbrGbHwNlN697BEAHBSVstiWPU-Y1d4kqnAYwFX1QuUL-n-7-2m0ibUgL8JTvth2cKsi73e07MVAH6EI8-yPmoQSk7KN71iR2PJo18IxsLPS8ljHYf77WUPkHpMAxJX__sPSL7f4WeGZD9rHsTC4YOBtpRKr4oGWr1D8dD14BmvuhjUpSl46XChFQJXcgFPtFdrhqegSQNYfqMrdgQCnlgbbH46KGTmfVe3AbzbmUSzreAJgoYNsTBRxmMhrwsTL_pb9bgBHWGv-t7rUxPULGiJBxp63ui1xU9Xb_UPnWX46KF3dWUgmT0nhRqzcT73aeXxCaPVa5uqiDd0AbmZbhMS95UrxU9MuIRYlpiUWonINfgjS9WAiAm8H_uJnTEub7k5BbnOB70NtZvAELQbCBMBUvJOql-aQO8FcBCUEQoTcDwGqPFWJgzUR0vaLkVuvyWys2XsqhNdYWnqIh5IGss2TyWqhEPCu9Ql_hQqXtUDavntQVYLyQ5q89x4a0_4cQRx3xIZ2S9V3wsdPzeqe442AyrT4p-9U4N-Gj15ktr2KHBlRycqaz1p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D70C 0
56 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtDjOdgk8YNq-NLSMlQfR84c4AAAAADgB4AQC&bg=!dXaldjXNAAXB_3NtwTsAKQB2-Dxa2Csg_HGSWRGIs4sDXMCprZX3RdBY3bJqgVhtwVqwVoRL-lPEAgAAAShSAAAAImgBBwoADVgtdzc24JZibpxwpoqZAjks3xu5L-QFu1Cwp1JkhQw7hxotXbqxg1Y-WLkKmXzZiehW3w0_hCf9Mv4xoiPQ7oFDlvxr3e-IGE6lpjF7U3GzKjPfGlCxQCU7y0lK7gBSGM7JtBY5KItGwyyFFhxd2B8EcmitoCGT4RwJgcM1lu78KcJK1xTeg83pGafzemSlOjUmqz63-vdEQ5kvrrlYwhgF_kDKxVPMYVEMUy7QpFdBvfk932D06mOJWhmu4CmnqAHNSqRCyczy98AgJeZgmVNpK1SHJ42l_-cyRo8xyYkNEkE0vMVUSWqXBfC7B3OK8HJdlnCchpAgr0ZhPyh98zCllNGYI-2yWeyOhzbsrQQQ8QNxb7XD7fdyD3GX4eH0sCklrqbzh5Z4Ojvp7AIp6RTxQuWjUxD7llDWV4f3ssFba3MptpBeeXlxV3GvXNDmQdoBsNa8QuD7ktvqdGoORfFJynMQEdIyFMWHicIwGT4jBpaPMk0jAehgZXAz-tNL4_xb2hZnLoCI-QPG0nktNnifLCg2yQxAScewGSZ8iCUp7nWG3OqXklEmRnjOJYe0lfAT2LhwK8VkAeRxGJbxA22DGeEflCmzmjOSrjjcqjkCx9QCAPSmUGog1CAkhfjYwPwPTLJ9N5Z6sjkEFvPSMMIN1yOPWo0b3th2ECfzkgPjqrzPpztz6Mp1TVSOguvVnVGfgIMU5c1mPHaoqtKVCOerWoqMdxdyOVfy2LwXvzW0zwPql9oeSoaFoveCR4kCKDDCj9TTrQdK3w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5515 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB2S8ewk8YKi8Ace8lgSJmpywBQAAAAA4AeAEAg&bg=!YGOlYyDNAAXB_3NtwTsAKQB2-DxaAeddUWyCd6aJ3yr1dtnWB5CAf64F7YkAb9pt3ZlfbJnnJsf2AgAAAM5SAAAADmgBBwoAolW7b5rMFENjIOMoyRqkgSF2IPyOAqd_yciph25Rji8ZtzcgI2AOlXpzFSmuw_mJ21dXAmwJAhHWW1wADXfRk98Y0g2phkbbbGiQBQl2mPCHnDFLLjOhGvo7dfoa0_zcBDCo0wwYlfHJZnBwGpfRBMIyzhJ-maak9-KPKNqqe91aJJZ8LIo2J1lr_ULpOp0p8UGj5KWsqJLMBp4xqot2VBADhZkCbrcvbEgiqvFEizYR8zbz6zPZz69hHpgxHDnIBMnhmtTj8M10NBx3AHiLLmPJFty3T24tZynnZWU8gANXet7hxKeFHWBfJGSwJCKclmwz6NmCFt3Euzyn4lh3ZDBAUSwvdvePEN_J3pX7Vvr0tpzk34arj3k8gjqRNFHuPPyNZcabRC3ZAkXGjvclUq4lGWJYuUpGgkSiKWu-AJV1v5CoMzZU0xxRMBVoo_vGxiowlUjLZtXOyF3nL2JAZ78F8pugiD9G65E4_9XNrauYuPl-nmqTtL5ghUJKSFGSAnSjG5WJJNVLcDQx6sqIvrn6_XTnfXxm0sV3THahtDjJBEKRA7YkcgWH453m-V0rM69fFhwn4df5i5qnDkCla1bT692Lp5nFsKSwUA-w7G2G6WdPWljbI0raFFn0-devwRrdZBZIGF7nXrDAapX2W8gqXYG4ooWEGHVjVpwFE0uGC_BlJps9C_pBSwH9nNoBjkFcWQ60t8LKMPwD1iVHfJoZCO3dX4w3M1GJyxTEu4ot6XT0zlQyh8MrsGFncYe6Mp1V5_E2uGpUUYFOtfzlfqzuxL-UWBUcVf5jLJ5aaMo_Tjibv-Fj1eOIo2cOzYLeC5STE908gL6_lpfygx5fcXiDXgQqDdbcBUswkhcnfU1XcjbqTwFw9OR1p_9eD78NgabWjlTrr0UUMwZ5PSF5VXSOdds-g4DprRZovFPJqzhIckmywYMZbtGxmr7CScVpX908B4paI8ytUHdSev6T3kYIjosyn-JeI-AXGAdOkA_nmf8HrAipp5dehVbjcnMWnQscSNDooykPciLR9RqDUp_9dYM

Requested by

Host: be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
URL: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame 33B2 3 KB
2 KB 105ms
37ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=13409400214475500710152011519025&a=87207c4e
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=jaca9pdc7b7l&nw=20&renderingType=javascript&namespace=0ce0d68e4b&subid=&uid=3b8165fa888d2e84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGn-wdgk8YL2VN7SMlQfR84c45LSqg1eXyqj_rgfwLhABIOCWhAdg9ZXOgeAEyAEJqQIez_OjR0G0PqgDAaoE1gFP0BIZOZ-xYIUiHUpxnQYir2Tu_fqEuT442jjOJ1DDR0W8MTsUS54Rg8wawkQ4hBQ_bNgR1nOMG0sDAPNbXmvhcxJGgk_QEbl8P9gDb-e9utWsOXH0so90vAcA_4vYBzg3QYFr4BGdm85YkKZYN9bonVlCbeOVjps2r6yR7fUx41T3dB4aSwD5hHRaThhzOJzUFpK_lelbtXazeQ5hlkvan3N9lT0R_Q-mgS59CBwao0p2SwO-w0RWA79zrg5A9n7mlN3lOcdrL_1ITmfijpu-WNa_sr-zwATllN_RzgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgGYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRo0MITvpASJs7O1fI9MWyT8wRv-42xf6Dy_tqxgJg0TbOYJzDtBs8fK7jtOWd1s7mYkBGseXdjyUDNqI8%26sig%3DAOD64_2g-Tja_e6sjTx-01sfCop8rd6thA%26client%3Dca-pub-5410484939036777%26dbm_c%3DAKAmf-CxbUgm3hyV4hkMOr2GDrCtogKPcaJz3-DKTHIJ8W20t2bu7Cr-NsVwD5Gk2hlhPlMAUKb38gPFngEniALcD9npFDoNKiiSfIw146qQvT5QW6GWLAn2iS4xuistLPsZpLZDxMpmfoqGwj51uGnbWSHit4f7zA%26cry%3D1%26dbm_d%3DAKAmf-CYQ7fjk9eluZwR-bdbQtTR3StuzO9GM1xex6Eoc2h8f7mQLss83duem0cpVzdM0mGwZhUiY2AdFD0DA1i6XXRHDwoCidYJJtK7rj-Ugzev_Gi6eQqL2JVKb0NqTCcOEMsktZedu63t0BcQdPsxsKYy7GFtVBA4e6UL37iHXRcV9H9fGEqDRXhCfkfXk-AHYL9BSRKIYAEX97rmowrEWGxbEITwSBtZEVlymyafuIKatU_exomNYd__78eM8DmSwiRpKxTGPIkhpZCAPLRA4kthn7975ZoPWzqChjPTjiJtPtB6CmtAZFgOpkcrf3agI9VYm0clh_e95pxu_O-7ezfz4RtBPDaMmnbE87DC6xYLeLtXDRAzL0jdwBmaDbuN0Dzenvi2hIPjH9xZvVcXSpLfQsYXwRELOdYxVenNqHu6QZ1hxy61hJwsmGnreRkzRE5XfjdQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.promobutler.be%2Fnl%2F&ancestorOrigins=https%3A%2F%2Fwww.promobutler.be&random=1124442612442&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 93cfe3cfa77e1ea5224e693b15302c01022e097e9dbe07d09ac9e2fc60de7a1b

Request headers

Host: hal900025.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=6b34b403e64cbfde
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Date: Sun, 28 Feb 2021 21:22:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 28 Feb 2021 21:22:03 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1333
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame BBFD 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5d2dbf21cd848cccb4aeebf84b4e834095ebaf0a65ddb6447c0062ac1810a07

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/33019/creativesup/ Frame 33B2 44 KB
44 KB 170ms
50ms Image
image/jpeg 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/33019/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=13409400214475500710152011519025&a=87207c4e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Referer: https://hal900025.redintelligence.net/request_content.php?s=13409400214475500710152011519025&a=87207c4e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 21:22:03 GMT
Last-Modified: Tue, 21 Jun 2016 09:44:26 GMT
Server: nginx
ETag: "57690c7a-af88"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 44936

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame 33B2 0
150 B 112ms
40ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=13409400214475500710152011519025&a=e46f920f&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=13409400214475500710152011519025&a=87207c4e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900025.redintelligence.net/request_content.php?s=13409400214475500710152011519025&a=87207c4e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 21:22:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 33B2 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ECE3 42 B
155 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAWCJd3EyHnjjlED7AUdaIqz3ZyPgUVpHdC83JTxL6sz1aCku53KieewMPomU9yXAyo2PCAdsaRLBBet3gUGbbYVgkbK2eWTe8QuPUwtg&sig=Cg0ArKJSzAcRsE-MmazMEAE&id=osdim&mcvt=1000&p=1001,436,1091,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210226&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=932735050&rs=4&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.promobutler.be/nl/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 21:22:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.promobutler.be/	1970-01-20 01:14:43	Name: _gw Value: 2.u%5B%2C%2C%2C%2C%5Dv%5B~g0r7l%2C~1%2C~0%5Da()
www.promobutler.be/	1969-12-31 23:59:59	Name: _gs Value: 2.s()
www.promobutler.be/	1970-01-20 01:14:43	Name: _gu Value: 6efcc8cc-6f3b-446c-8ffe-084a2a26fc91
.promobutler.be/	1970-01-19 16:29:09	Name: __asc Value: b87422e5177ea84f4ae98d458d8
.promobutler.be/	1970-01-19 17:12:19	Name: __cfduid Value: db504fc35f559f3b971b776239b4589c61614547317
.promobutler.be/	1970-01-19 16:29:07	Name: _gat_UA-2482376-11 Value: 1
.promobutler.be/	1970-01-20 01:16:09	Name: __auc Value: b87422e5177ea84f4ae98d458d8
.promobutler.be/	1970-01-19 16:30:33	Name: _gid Value: GA1.2.941748548.1614547318
.promobutler.be/	1970-01-20 10:00:19	Name: _ga Value: GA1.2.347463658.1614547318
.promobutler.be/	1970-01-19 16:29:07	Name: _gat_UA-2482376-1 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://pagead2.googlesyndication.com/pagead/show_ads.js(Line 55) Message: Error: PublisherCodeNotFoundForAma
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://www.promobutler.be/nl/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
app.getsitecontrol.com
be1aaa2b52d49397871dffa40bc3c0c7.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.contentspread.net
cdn.onesignal.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
d31qbv1cthcecs.cloudfront.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900025.redintelligence.net
images.folders.eu
img.folders.eu
media.getsitecontrol.com
pagead2.googlesyndication.com
publish.folders.eu
s0.2mdn.net
securepubads.g.doubleclick.net
st.getsitecontrol.com
stats.g.doubleclick.net
tpc.googlesyndication.com
widgets.getsitecontrol.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.promobutler.be
13.32.24.22
138.201.63.149
138.201.84.245
142.250.186.130
172.217.18.98
2.18.234.21
2600:9000:2156:e000:1e:2c34:5d40:93a1
2606:4700:10::6816:32cf
2606:4700:10::6816:478a
2606:4700::6812:e234
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:400c:c1b::9c
34.226.117.90
62.113.194.2
88.99.69.161
89.187.169.26
99.86.3.55
99.86.3.74
0138d02f7fe6dfe1877a80aa98f27b58f66e386b488906f042e401a9f7ba0c02
032fde15bb914f7b72f941d6936300154424255742adb937c96fa78a927a0f88
0669e5307771f620b7b3336ba8a8332b44e1dac27ea5106266bdf3d919075cfd
07f61ce0912f8dc886fdf24c4c00e468caf0255a6aeaef7363cabc387048ed5f
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f8d385fcce4957a7b464bffe62ceba0d504b19974b10c4acaae708866512ec0
11b0332332b597c0a047784adc7e268b002cff857083029bdb96b373d1712f92
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d19a27c1c7483c6cedbcb3abbb87f61f232d93c3ecee4a9b854b9a2e89e086
13ec99dce484fd38d9f3d3128a3b7c666cfa8d95d87a9405d5d32eaa3471a366
16a82582f9cda7542379343d7878f169dd1319f00669d6bad7dbf651f7aff52d
16d2aedc3e59b19560e8a6f01407b72517a38f8956b1d3be2b960891bbfc9f17
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3
2959d09b8d9a85c5ab5df68e43bf1d97acf856164a1b908ef1d224a7fd42ed29
2d51fc4efb5452ca0c74540b1787de710609f5c64a03452e1a22f5d72bfa9ae5
37c0fda6f060beb370e88cf13308331de189f44865731f33f40af675a3a8bb37
37d68543e2968bf548d7a2e2b4a6a99fd60a395eb8bb7826e9622792af763790
41a5a67ebe8d776ff240a5633dac88a6730edb504df682801c843e7724c201de
44903d779d042e8ef57a14c37611b0c13589b5fe384ccc54f24d5bbb1f0c1baf
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4dc72c062762c415302fc46a2499a5746671f232e1c776b293645bf938a711c0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512efda63931541c80ee876a3ef0d35a4ac0abb066cc70899c32034df25f33eb
5762ca563ab22d29c6b94cc748d852c746755d6b4569b0be369898fc8fd93b16
5770fd63fcbb8add860088817d8381306795def673c8e753b445d409a6c01368
63597ce62507b55334eb41996b755298fabdf24cec8990de8b546deea4340712
67fc5b241ea1dc200630547afa12ef2fc50852a2d56aa1dc444ff3cb830db7ed
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7467ffe6b3325fef3c41bad78a26dcc2b3d977d8904a4c15a7ed11432bf0d3da
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ba1c9e7b6dc964790ef4d78b7a313126a16cdeb3f46fa1746d974a42508657
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
885c28405d4a21caba2aca2021c67e32e3c68021ef27fd74dbf08a218b492638
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d7e2e06042ca9b45a11854b260f74803a9374f253caf0cbd1990089ee8f0f3b
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
8f3816d7eb954c6381515117a21283591fc27621b57ecf7c757e369c7ef6241c
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
91225b71855e74fc455f4faf34369f4cfa2eb676f4d0d0ca3d43279bf7eb0289
93bddcdc8d853b6518b651e9c837e5754caa4749e927b97ea05b697e150b76f7
93cfe3cfa77e1ea5224e693b15302c01022e097e9dbe07d09ac9e2fc60de7a1b
9410988db1469cb2679c6d4c5db7c1f8b5f3e48c4bcb1a41ee03bd9f750fb0bf
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
9dbc2526d42c42178733234e636c3b6846d8e8ace65a3320fe894c4b91b95067
9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f
9f16fbe5d15bf81b2f4712411cd640e6b8e5b351cfde272e4005eeece888bbea
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa059ee73f79a3e204dfe888121a465596b858c98a42c928415e366908c91cbe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc7630abf0a5ef4d64c7f515eb47d2dae4a38baafa351f79d2696cb3ec5a5d16
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c5c96417eb57649b8f92033a8625441cc8a1f64d1df9db93c6522da22b3a08be
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
cad4c4cb78f1439edee8f2232573f4ea1355a96b4a8619b8d146f651a1d23280
d57b2d25394ff792583bf6a347879d73db78adc7f10e981e5dd0045fa39d592f
d901da313d567e00fa3074fc945a95524d99370354389e7a56aa68882b2ea502
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de1cd1fbcadb11fa5a9efe08dc516b8644a1a855b329d0ff13844265932849f5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e55388d8d8af1178ec2876e3701a7f015fd3cd641c8fa02913312fdd28033acd
e5d2dbf21cd848cccb4aeebf84b4e834095ebaf0a65ddb6447c0062ac1810a07
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d
e99235caac1dc00f2fb631896feceafc55cadc5fd0bfd6cc673da6dac3f59af2
e99709dfe8ae2f815bd50bd4817978c4e869d881372ffe40922cdc491e891da6
ed193ce1394c7cf4e0491308849f503f0945f68889984dc0c932cfe531468900
ed75f0f8c7db37c3cd62d90eada645a85912bcb37a2ad7cf13863e496f18336a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
f83e5af5ba829db6a693957b1a736dec99056b65210526b43563b52e64847da7
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
ffcec1f331426469fa60223394b085594d96298dc661ad51a2a45c45831ec94a

www.promobutler.be Open in urlscan Pro 2606:4700:10::6816:478a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

100 %HTTPS

63 %IPv6

20 Domains

35 Subdomains

32 IPs

3 Countries

3010 kBTransfer

5381 kBSize

10 Cookies

15 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.promobutler.be Open in urlscan Pro
2606:4700:10::6816:478a Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

35
Subdomains

32
IPs

3
Countries

3010 kB
Transfer

5381 kB
Size

10
Cookies

140 HTTP transactions
8 data transactions