urlscan.io logo urlscan.io
SecurityTrails logo

www.promobutler.be Open in urlscan Pro
104.22.70.138  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBuf...
Effective URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Submission: On October 23 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 19 domains to perform 92 HTTP transactions. The main IP is 104.22.70.138, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.promobutler.be.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2021. Valid for: a year.
This is the only time www.promobutler.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.107.232.127 200484 (SENDINBLU...)
2 172.67.208.48 13335 (CLOUDFLAR...)
2 104.16.95.65 13335 (CLOUDFLAR...)
1 185.107.232.249 200484 (SENDINBLU...)
12 104.22.70.138 13335 (CLOUDFLAR...)
1 142.250.184.200 15169 (GOOGLE)
11 151.101.2.132 54113 (FASTLY)
3 3 172.67.20.204 13335 (CLOUDFLAR...)
11 142.250.186.174 15169 (GOOGLE)
1 18.66.97.58 16509 (AMAZON-02)
3 89.187.169.47 60068 (CDN77 ^_^)
5 104.18.225.52 13335 (CLOUDFLAR...)
3 8 87.250.250.119 13238 (YANDEX)
1 18.66.97.14 16509 (AMAZON-02)
1 18.66.112.71 16509 (AMAZON-02)
1 44.239.123.56 16509 (AMAZON-02)
1 89.187.169.3 60068 (CDN77 ^_^)
2 108.177.15.156 15169 (GOOGLE)
3 142.250.186.164 15169 (GOOGLE)
1 104.18.226.52 13335 (CLOUDFLAR...)
3 142.250.186.98 15169 (GOOGLE)
11 216.58.212.162 15169 (GOOGLE)
4 142.250.184.194 15169 (GOOGLE)
1 142.250.185.129 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
4 172.217.23.97 15169 (GOOGLE)
1 142.250.186.134 15169 (GOOGLE)
92 27
1    185.107.232.127 (France)

ASN200484 (SENDINBLUE-ASN, FR)
r.email.promobutler.be
2    172.67.208.48 (United States)

ASN13335 (CLOUDFLARENET, US)
sibautomation.com
2    104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    185.107.232.249 (France)

ASN200484 (SENDINBLUE-ASN, FR)
in-automate.sendinblue.com
12    104.22.70.138 (United States)

ASN13335 (CLOUDFLARENET, US)
www.promobutler.be
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
11    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
img.folders.eu
3    172.67.20.204 (United States)

ASN13335 (CLOUDFLARENET, US)
publish.folders.eu
11    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com
1    18.66.97.58 (United States)

ASN16509 (AMAZON-02, US)
d31qbv1cthcecs.cloudfront.net
3    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
widgets.getsitecontrol.com
media.getsitecontrol.com
5    104.18.225.52 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
8    87.250.250.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
1    18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)
certify-js.alexametrics.com
1    18.66.112.71 (United States)

ASN16509 (AMAZON-02, US)
certify.alexametrics.com
1    44.239.123.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-123-56.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-3.cdn77.com
st.getsitecontrol.com
2    108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net
stats.g.doubleclick.net
3    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
1    104.18.226.52 (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googletagservices.com
adservice.google.com
11    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
1    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
2ded20e41b146ccf752209eb59c324bc.safeframe.googlesyndication.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
4    172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f97.1e100.net
tpc.googlesyndication.com
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
s0.2mdn.net
Domain Requested by
12 www.promobutler.be r.email.promobutler.be
www.promobutler.be
static.cloudflareinsights.com
11 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.promobutler.be
11 img.folders.eu www.promobutler.be
10 pagead2.googlesyndication.com www.promobutler.be
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 mc.yandex.com 2 redirects www.promobutler.be
mc.yandex.ru
4 tpc.googlesyndication.com r.email.promobutler.be
tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 www.google.com www.promobutler.be
tpc.googlesyndication.com
3 onesignal.com cdn.onesignal.com
3 publish.folders.eu 3 redirects
2 media.getsitecontrol.com st.getsitecontrol.com
2 www.googletagservices.com www.promobutler.be
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.google-analytics.com
2 mc.yandex.ru 1 redirects r.email.promobutler.be
2 cdn.onesignal.com r.email.promobutler.be
cdn.onesignal.com
2 static.cloudflareinsights.com sibautomation.com
www.promobutler.be
2 sibautomation.com r.email.promobutler.be
static.cloudflareinsights.com
1 s0.2mdn.net securepubads.g.doubleclick.net
1 googleads4.g.doubleclick.net r.email.promobutler.be
1 2ded20e41b146ccf752209eb59c324bc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 img.onesignal.com www.promobutler.be
1 st.getsitecontrol.com widgets.getsitecontrol.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.promobutler.be
1 certify.alexametrics.com www.promobutler.be
1 certify-js.alexametrics.com r.email.promobutler.be
1 widgets.getsitecontrol.com r.email.promobutler.be
1 d31qbv1cthcecs.cloudfront.net r.email.promobutler.be
1 www.googletagmanager.com www.promobutler.be
1 in-automate.sendinblue.com sibautomation.com
1 r.email.promobutler.be
92 32

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-10 -
2022-07-09		 a year crt.sh
*.sendinblue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-07 -
2021-12-12		 a year crt.sh
promobutler.be
Cloudflare Inc ECC CA-3		 2021-06-09 -
2022-06-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
img.folders.eu
R3		 2021-09-08 -
2021-12-07		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2020-03-05 -
2022-05-04		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-13 -
2022-11-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Frame ID: F4FA47D9CA4F3E3B788727DC4A1DA561
Requests: 80 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=1991754
Frame ID: 1B1865D00723811BE7352BA790799FF7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: E906EB8A8A1CA2B3C5BD2601E83793AA
Requests: 1 HTTP requests in this frame

Frame: https://2ded20e41b146ccf752209eb59c324bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BB99189A014D08B6DA1E341B3B194F5E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CA0D37CBD1071AFB11FCFE4DEC61FFF7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4F54E104085868130678CFD6DF6253E2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE501EEDDE7DD31A0A7EF3648F38E826
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1... Page URL
  2. https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

92
Requests

97 %
HTTPS

0 %
IPv6

19
Domains

32
Subdomains

27
IPs

4
Countries

2013 kB
Transfer

4575 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw Page URL
  2. https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://publish.folders.eu/publication/2243117/400/9999/cover.png?client=pb HTTP 301
  • https://img.folders.eu/live/publsh/bizz/224/31/17/bizz_2243117.pdf?v=37&fm=auto&page=1&w=400
Request Chain 25
  • https://publish.folders.eu/publication/2239937/400/9999/cover.png?client=pb HTTP 301
  • https://img.folders.eu/live/publsh/bizz/223/99/37/bizz_2239937.pdf?v=2&fm=auto&page=1&w=400
Request Chain 26
  • https://publish.folders.eu/publication/2243780/400/9999/cover.png?client=pb HTTP 301
  • https://img.folders.eu/live/publsh/bizz/224/37/80/bizz_2243780.pdf?v=34&fm=auto&page=1&w=400
Request Chain 54
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9435.I7Pv9tybCKgysKZjuFx_2pHSXrHvdRNOfKC_sf9MCtN_eKFCRFONDSLlYzAPO6zp.w-QIuPc0ixEL-ts-QcqdHRqhHNo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9435.ps9jEycb5hh_kg4GuukDJ95sVCAMb56OHpY9A5cy5idsEIdtHkjek9mkoFksRVI4ORuQ7nIJcHIvyKK1txqkrw%2C%2C.zUT36JGN3DnlRYwxevz2X2JXnf4%2C
Request Chain 58
  • https://mc.yandex.com/watch/68260960?wmode=7&page-url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&page-ref=http%3A%2F%2Fr.email.promobutler.be%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A926%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A84511021601%3Ahid%3A1067025536%3Az%3A0%3Ai%3A202101023120942%3Aet%3A1634990982%3Ac%3A1%3Arn%3A993517327%3Arqn%3A1%3Au%3A16349909821006663665%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634990980715%3Ads%3A9%2C39%2C438%2C4%2C1%2C0%2C%2C373%2C0%2C%2C%2C%2C1046%3Adsn%3A9%2C40%2C438%2C3%2C0%2C0%2C%2C553%2C0%2C%2C%2C%2C1046%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634990982%3At%3ALidl%20folders%20en%20promoties%20van%20dit%20moment&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/68260960/1?wmode=7&page-url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&page-ref=http%3A%2F%2Fr.email.promobutler.be%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A926%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A84511021601%3Ahid%3A1067025536%3Az%3A0%3Ai%3A202101023120942%3Aet%3A1634990982%3Ac%3A1%3Arn%3A993517327%3Arqn%3A1%3Au%3A16349909821006663665%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634990980715%3Ads%3A9%2C39%2C438%2C4%2C1%2C0%2C%2C373%2C0%2C%2C%2C%2C1046%3Adsn%3A9%2C40%2C438%2C3%2C0%2C0%2C%2C553%2C0%2C%2C%2C%2C1046%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634990982%3At%3ALidl%20folders%20en%20promoties%20van%20dit%20moment&t=gdpr%2814%29ti%282%29

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4...
r.email.promobutler.be/mk/cl/f/ 		743 B
947 B 		Document
General
Check archive.org
Download Go to
Full URL
http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
HTTP/1.1
Server
185.107.232.127 , France, ASN200484 (SENDINBLUE-ASN, FR),
Reverse DNS
Software
/
Resource Hash
2347c0b77a1bc899b57469d3ef7b7dbbc2a1e3ddb6cb4656af7dd958de25078e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Host
r.email.promobutler.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-length
743
date
Sat, 23 Oct 2021 12:09:40 GMT
content-type
text/html; charset=utf-8
x-sib-server
red1.dc2.51b.tech
x-content-type-options
nosniff
x-xss-protection
1
cm.html
sibautomation.com/ Frame 1B18 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=1991754
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
1a79935d39890c7fe7825b17f2536b309e40dcf0a1b232712c424dbda78c8f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
sibautomation.com
:scheme
https
:path
/cm.html?id=1991754
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://r.email.promobutler.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://r.email.promobutler.be/

Response headers

date
Sat, 23 Oct 2021 12:09:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cf-apo-via
origin,host
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
Sails <sailsjs.com>
access-control-allow-origin
*
x-sib-server
SENDINBLUE-web1-2
x-content-type-options
nosniff
x-xss-protection
1
cache-control
max-age=7200
cf-cache-status
HIT
age
9
last-modified
Sat, 23 Oct 2021 12:09:31 GMT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMI177N%2B5zzxzk4lScFDxJasAml7XlHlYLo7hZR2pUi7l26%2FXpxtMr7NogblW7aaU8eGwcDt%2BE2y%2F6s3SWzPDp7SwB0IvlBduSZbMGeqqxGDXWvi93DmaZEVwTkLGyl6nJBAUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a2adb9cecdff9da-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
beacon.min.js
static.cloudflareinsights.com/ Frame 1B18 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=1991754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:40 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 22:23:12 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6a2adb9d7e9f4125-PRG
cm
in-automate.sendinblue.com/ Frame 1B18 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-automate.sendinblue.com/cm?uuid=a3b4ffb3-7474-44b2-83e8-bd0662072dc6&key=gvuy5rzgowm0tegth6ck8&trans=0&user_id=370753
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=1991754
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.107.232.249 , France, ASN200484 (SENDINBLUE-ASN, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 23 Oct 2021 12:09:40 GMT
Cache-Control
no-cache
X-Content-Type-Options
nosniff
X-XSS-Protection
1
X-Sib-Server
SENDINBLUE-srv-pr-rancher-worker-24
Primary Request winkels
www.promobutler.be/nl/lidl/ 		219 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b48df2ab0ef8e02fd3308ad45b6c20ca06a6f8d8d5a71debef6a999baccc0332
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.promobutler.be
:scheme
https
:path
/nl/lidl/winkels?km_pb_email=guido.goos@live.be
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://r.email.promobutler.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://r.email.promobutler.be/

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
content-type
text/html;charset=UTF-8
cf-ray
6a2adb9e3b7e27b8-PRG
access-control-allow-origin
*
cache-control
public, max-age=14400
content-language
nl
last-modified
Sat, 23 Oct 2021 12:09:41 GMT
strict-transport-security
max-age=15552000; preload
vary
accept-encoding
cf-cache-status
MISS
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
cache
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rum
sibautomation.com/cdn-cgi/ Frame 1B18 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sibautomation.com/cm.html?id=1991754
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Sat, 23 Oct 2021 12:09:40 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
6a2adb9dedecf9da-PRG
x-frame-options
DENY
rum
sibautomation.com/cdn-cgi/ Frame 1B18 		0
0
producer-detail.min.js
www.promobutler.be/js/ 		484 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/js/producer-detail.min.js?v=0.0.1-20211008103851.9cd01515
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521f95a1760dab6d4a73f94383fc4e18b9fb0d19c8649ceabea070dba9b05e53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/producer-detail.min.js?v=0.0.1-20211008103851.9cd01515
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
cache
last-modified
Fri, 08 Oct 2021 10:03:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
31622400
content-type
application/javascript
access-control-allow-origin
*
vary
accept-encoding
cache-control
public, max-age=31622400
cf-ray
6a2adba249412774-PRG
producer-detail.min.css
www.promobutler.be/css/ 		188 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/css/producer-detail.min.css?v=0.0.1-20211008103851.9cd01515
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa8edd03e38e0752253d02ff224d07670301667943e30fd56bb62fe6d12b63d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/producer-detail.min.css?v=0.0.1-20211008103851.9cd01515
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
cache
last-modified
Fri, 08 Oct 2021 10:03:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
31622400
content-type
text/css
access-control-allow-origin
*
vary
accept-encoding
cache-control
public, max-age=31622400
cf-ray
6a2adba249402774-PRG
Roboto-Regular.woff2
www.promobutler.be/webfonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/webfonts/Roboto-Regular.woff2
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/webfonts/Roboto-Regular.woff2
pragma
no-cache
origin
https://www.promobutler.be
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Origin
https://www.promobutler.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
89090
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
64632
x-xss-protection
1; mode=block
pragma
cache
last-modified
Fri, 08 Oct 2021 10:03:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
31622400
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6a2adba249442774-PRG
Roboto-Bold.woff2
www.promobutler.be/webfonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/webfonts/Roboto-Bold.woff2
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/webfonts/Roboto-Bold.woff2
pragma
no-cache
origin
https://www.promobutler.be
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Origin
https://www.promobutler.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
89090
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
64740
x-xss-protection
1; mode=block
pragma
cache
last-modified
Fri, 08 Oct 2021 10:03:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
31622400
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6a2adba249462774-PRG
Roboto-Light.woff2
www.promobutler.be/webfonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/webfonts/Roboto-Light.woff2
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/webfonts/Roboto-Light.woff2
pragma
no-cache
origin
https://www.promobutler.be
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Origin
https://www.promobutler.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
89090
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
64320
x-xss-protection
1; mode=block
pragma
cache
last-modified
Fri, 08 Oct 2021 10:03:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
31622400
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6a2adba249482774-PRG
Roboto-Medium.woff2
www.promobutler.be/webfonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/webfonts/Roboto-Medium.woff2
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/webfonts/Roboto-Medium.woff2
pragma
no-cache
origin
https://www.promobutler.be
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Origin
https://www.promobutler.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
89090
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65484
x-xss-protection
1; mode=block
pragma
cache
last-modified
Fri, 08 Oct 2021 10:03:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
31622400
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6a2adba2494a2774-PRG
icomoon.woff2
www.promobutler.be/webfonts/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/webfonts/icomoon.woff2?c7zx4o
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db51cc83b8e719d85f8f05904171da933498f4b3c9163bff05c58419f503652e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/webfonts/icomoon.woff2?c7zx4o
pragma
no-cache
origin
https://www.promobutler.be
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Origin
https://www.promobutler.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
89090
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5420
x-xss-protection
1; mode=block
pragma
cache
last-modified
Fri, 08 Oct 2021 10:03:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
31622400
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6a2adba2494b2774-PRG
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 22:23:12 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6a2adba36ffe4125-PRG
gtm.js
www.googletagmanager.com/ 		114 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDZL236
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
38ec394aaa197e61106ee3765487d200a7098bde33793e304848948a6febc844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41739
x-xss-protection
0
expires
Sat, 23 Oct 2021 12:09:41 GMT
icomoon.ttf
www.promobutler.be/webfonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/webfonts/icomoon.ttf?c7zx4o
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/css/producer-detail.min.css?v=0.0.1-20211008103851.9cd01515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bccbb75744006b250315fc2ff9932b47257c1dbe652103d02db8a075ef6ff51e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/webfonts/icomoon.ttf?c7zx4o
pragma
no-cache
origin
https://www.promobutler.be
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.promobutler.be
referer
https://www.promobutler.be/css/producer-detail.min.css?v=0.0.1-20211008103851.9cd01515
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.promobutler.be/css/producer-detail.min.css?v=0.0.1-20211008103851.9cd01515
Origin
https://www.promobutler.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3543
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10260
x-xss-protection
1; mode=block
pragma
cache
last-modified
Fri, 08 Oct 2021 10:03:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
14400
content-type
application/x-font-ttf
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6a2adba38b152774-PRG
checkbox_checked.svg
img.folders.eu/live/promobutler/assets/v2/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/promobutler/assets/v2/icons/checkbox_checked.svg
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/css/producer-detail.min.css?v=0.0.1-20211008103851.9cd01515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7783d0b152dccc308d650c235b6186577138532ad341764fa09350b9b861af1d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Sat, 23 Oct 2021 12:09:41 GMT
content-encoding
gzip
x-gumlet-reqid
615e7444145e16a52c4ad1c4
age
1410880
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
1.122
strict-transport-security
max-age=31557600
content-length
1045
x-served-by
cache-hhn4037-HHN
access-control-allow-origin
*
x-timer
S1634990982.765844,VS0,VE1
etag
04880024a1e35bba
vary
accept, Accept-Encoding
content-type
image/avif
via
1.1 varnish
x-fas-reqid
e0a2a277-d83f-480b-942f-1a23237e4f8e
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
icon_close.svg
img.folders.eu/live/promobutler/assets/v2/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/promobutler/assets/v2/icons/icon_close.svg
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/css/producer-detail.min.css?v=0.0.1-20211008103851.9cd01515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
433729bbb5b3c6d003b6708666424abe50ac01cdaefca6e1ef2d6e24d0b001bf
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Sat, 23 Oct 2021 12:09:41 GMT
content-encoding
gzip
x-gumlet-reqid
61551bd45fb24e4a5f2688dc
age
2023345
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
0.341
strict-transport-security
max-age=31557600
content-length
1102
x-served-by
cache-hhn4037-HHN
access-control-allow-origin
*
x-timer
S1634990982.790116,VS0,VE1
etag
84993782df83135e
vary
accept, Accept-Encoding
content-type
image/avif
via
1.1 varnish
x-fas-reqid
a2098f4f-e648-45a8-a8c7-81be39adcbda
cache-control
public, max-age=8640000, s-maxage=8640000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
badplank-of-handdoekhouder--10655234.jpg
img.folders.eu/live/promobutler/articles/2021/10/10/106552/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/promobutler/articles/2021/10/10/106552/badplank-of-handdoekhouder--10655234.jpg?w=200&h=200&fm=auto
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b38577a7e7af67d5ccbcd5ca792a05a09a962bd79de97f5d851548104c230c09
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
MISS
date
Sat, 23 Oct 2021 12:09:41 GMT
via
1.1 varnish
x-gumlet-reqid
616d00109712e5a357ae8873
age
457589
x-gumlet-oc
HIT
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
0.076
strict-transport-security
max-age=31557600
content-length
5738
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.915388,VS0,VE1
etag
889852eb442cfef6
vary
accept
content-type
image/avif
access-control-allow-origin
*
x-fas-reqid
d9dc8a68-d302-4f34-ae8f-84ee5edf6fba
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
logo_promobutler.be.png
img.folders.eu/live/promobutler/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/promobutler/assets/logo_promobutler.be.png?w=300
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ec5f2ac9aa9d5c88964a168c1e017445750657ab7e1f9a1d8cb0410b9c750f3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Sat, 23 Oct 2021 12:09:41 GMT
via
1.1 varnish
x-gumlet-reqid
6170bcba06d0ce8d4f0c6122
age
212683
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
0.414
strict-transport-security
max-age=31557600
content-length
4666
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.915492,VS0,VE1
etag
282ca59de813abc2
vary
accept
content-type
image/webp
access-control-allow-origin
*
x-fas-reqid
2bf19e52-708d-4fbd-a7fa-b3be3891e1b9
cache-control
public, max-age=8640000, s-maxage=8640000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
vlecht-met-banketbakkersroom--10655489.jpg
img.folders.eu/live/promobutler/articles/2021/10/10/106554/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/promobutler/articles/2021/10/10/106554/vlecht-met-banketbakkersroom--10655489.jpg?w=200&h=200&fm=auto
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b78a7e7b50bb95b37700b587234f062cf268e3a03646e94ecc0d870fd2693962
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Sat, 23 Oct 2021 12:09:41 GMT
via
1.1 varnish
x-gumlet-reqid
617165059aafdd2ea9bbd77d
age
169600
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
0.112
strict-transport-security
max-age=31557600
content-length
7673
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.919868,VS0,VE1
etag
562915b4a6eb7abf
vary
accept
content-type
image/avif
access-control-allow-origin
*
x-fas-reqid
68cbd9df-5110-4f46-b3c5-0022c0e8ffde
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
bizz_2243117.pdf
img.folders.eu/live/publsh/bizz/224/31/17/
Redirect Chain
  • https://publish.folders.eu/publication/2243117/400/9999/cover.png?client=pb
  • https://img.folders.eu/live/publsh/bizz/224/31/17/bizz_2243117.pdf?v=37&fm=auto&page=1&w=400
63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/publsh/bizz/224/31/17/bizz_2243117.pdf?v=37&fm=auto&page=1&w=400
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a45301cd5e2b6348a2260874953114795eee4c390c85a114c5d9a954e0d1109a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
MISS
date
Sat, 23 Oct 2021 12:09:42 GMT
via
1.1 varnish
x-gumlet-reqid
61659b6cc0ad8af41cd75165
age
942102
x-gumlet-oc
HIT
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
3.2
strict-transport-security
max-age=31557600
content-length
64556
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.155681,VS0,VE2
etag
aac9a39ce82f0c30
vary
accept
content-type
image/webp
access-control-allow-origin
*
x-fas-reqid
c5109dd9-a707-4568-9f4f-ad70980d5d54
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1

Redirect headers

pragma
cache
date
Sat, 23 Oct 2021 12:09:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
location
https://img.folders.eu/live/publsh/bizz/224/31/17/bizz_2243117.pdf?v=37&fm=auto&page=1&w=400
cache-control
public
cf-ray
6a2adba54ca5411f-PRG
siliconen-bakmatten--10655744.jpg
img.folders.eu/live/promobutler/articles/2021/10/10/106557/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/promobutler/articles/2021/10/10/106557/siliconen-bakmatten--10655744.jpg?w=200&h=200&fm=auto
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af4b3d72c942dc98ce343f773c10f389cf54adc2993e9d29ebc24522482bca52
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
MISS
date
Sat, 23 Oct 2021 12:09:41 GMT
via
1.1 varnish
x-gumlet-reqid
616cf15ff48460edca3cb4fc
age
461351
x-gumlet-oc
MISS
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
0.259
strict-transport-security
max-age=31557600
content-length
5067
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.919979,VS0,VE1
etag
2e5b4e5614ba586e
vary
accept
content-type
image/avif
access-control-allow-origin
*
x-fas-reqid
b6f5748a-c092-4f6c-83a0-c45e22c979b2
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
silvercrest-keukenradio-dab---10655747.jpg
img.folders.eu/live/promobutler/articles/2021/10/10/106557/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/promobutler/articles/2021/10/10/106557/silvercrest-keukenradio-dab---10655747.jpg?w=200&h=200&fm=auto
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e2685f2c4fd2404a906c0b92986397173a87d79b78e3c29ba547869dfb3fefa
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
MISS
date
Sat, 23 Oct 2021 12:09:41 GMT
via
1.1 varnish
x-gumlet-reqid
616d0010b0e71e1008aca7e9
age
457589
x-gumlet-oc
HIT
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
0.054
strict-transport-security
max-age=31557600
content-length
4327
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.920005,VS0,VE1
etag
128888fa45c2d3cc
vary
accept
content-type
image/avif
access-control-allow-origin
*
x-fas-reqid
ff844d03-925e-409c-aa86-ec3265c3b62e
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
lidl.png
img.folders.eu/live/promobutler/producer/logo/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/promobutler/producer/logo/lidl.png?w=400&h=200&fm=auto
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0917a118c7a30626c535398421f1aa70bde83f0776ce51a82c50da2d4769e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Sat, 23 Oct 2021 12:09:41 GMT
via
1.1 varnish
x-gumlet-reqid
615e9ffd246f38ddc752fb04
age
1399688
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
0.431
strict-transport-security
max-age=31557600
content-length
7062
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.920040,VS0,VE1
etag
711ae832930dc757
vary
accept
content-type
image/webp
access-control-allow-origin
*
x-fas-reqid
e3339b42-12ac-4bed-9e96-35a72121527e
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
bizz_2239937.pdf
img.folders.eu/live/publsh/bizz/223/99/37/
Redirect Chain
  • https://publish.folders.eu/publication/2239937/400/9999/cover.png?client=pb
  • https://img.folders.eu/live/publsh/bizz/223/99/37/bizz_2239937.pdf?v=2&fm=auto&page=1&w=400
44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/publsh/bizz/223/99/37/bizz_2239937.pdf?v=2&fm=auto&page=1&w=400
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b137ce33f391b5f42f3242d4e925e3c1ae9a988c1c889a5af9b89d930f01d6da
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
HIT
date
Sat, 23 Oct 2021 12:09:42 GMT
via
1.1 varnish
x-gumlet-reqid
61555ef7469fc69258853bab
age
2006159
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
0.536
strict-transport-security
max-age=31557600
content-length
45292
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.155734,VS0,VE1
etag
878cf688f4e0668b
vary
accept
content-type
image/webp
access-control-allow-origin
*
x-fas-reqid
49cb396d-4e72-4c1f-8d5f-5fc090653ea1
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1

Redirect headers

pragma
cache
date
Sat, 23 Oct 2021 12:09:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
location
https://img.folders.eu/live/publsh/bizz/223/99/37/bizz_2239937.pdf?v=2&fm=auto&page=1&w=400
cache-control
public
cf-ray
6a2adba54ca7411f-PRG
bizz_2243780.pdf
img.folders.eu/live/publsh/bizz/224/37/80/
Redirect Chain
  • https://publish.folders.eu/publication/2243780/400/9999/cover.png?client=pb
  • https://img.folders.eu/live/publsh/bizz/224/37/80/bizz_2243780.pdf?v=34&fm=auto&page=1&w=400
50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.folders.eu/live/publsh/bizz/224/37/80/bizz_2243780.pdf?v=34&fm=auto&page=1&w=400
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df4705d6e024bc456b308e5328120789d60a03bbb7702c8c10167336aa72b9e4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-gumlet-pc
MISS
date
Sat, 23 Oct 2021 12:09:42 GMT
via
1.1 varnish
x-gumlet-reqid
616cd4489712e5a357adb5b1
age
468794
x-gumlet-oc
HIT
x-cache
HIT
access-control-max-age
1728000
x-gumlet-runtime
3.115
strict-transport-security
max-age=31557600
content-length
51306
x-served-by
cache-hhn4037-HHN
x-timer
S1634990982.157134,VS0,VE1
etag
60f8b637a971de90
vary
accept
content-type
image/webp
access-control-allow-origin
*
x-fas-reqid
dcfde01f-a0e6-4f23-af29-23b931281fbc
cache-control
public, max-age=8640000, s-maxage=31536000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1

Redirect headers

pragma
cache
date
Sat, 23 Oct 2021 12:09:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
location
https://img.folders.eu/live/publsh/bizz/224/37/80/bizz_2243780.pdf?v=34&fm=auto&page=1&w=400
cache-control
public
cf-ray
6a2adba54ca8411f-PRG
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZL236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
515
date
Sat, 23 Oct 2021 12:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sat, 23 Oct 2021 14:01:06 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
15444135
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P2
X-Amz-Cf-Id
tXzd019ARj-zdQg0Ja-KDQ6bUvfHYW2lpSKxJc05ICg9tC76rDRHMg==
script.js
widgets.getsitecontrol.com/138533/ 		42 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.getsitecontrol.com/138533/script.js
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
0fecba2eae600b3c4110f129ab8800c3a8d0c0743dda3b139250681a7c43d5c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
content-encoding
gzip
cdn-edgestorageid
756
x-amz-request-id
D8P6WTFAAHA9XH0J
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
10/23/2021 12:27:21
cdn-pullzone
44619
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
j/5rxOVRiKse7fVciwzlLdjPvb2Z7Pl0swTsfZEz9fBiAAVClOOXhUwoabH7ZXqnqN+Ez0UG8nA=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Sat, 23 Oct 2021 10:26:05 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=5
cdn-requestid
7432bb2890b20e34807fc9163b1588f8
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:41 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1685
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a2adba5484b2798-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 26 Oct 2021 12:09:41 GMT
tag.js
mc.yandex.ru/metrika/ 		189 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
br
last-modified
Fri, 22 Oct 2021 12:25:47 GMT
etag
"6172839b-10089"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65673
expires
Sat, 23 Oct 2021 13:09:42 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
15444135
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P2
X-Amz-Cf-Id
ozJr63I4BQ5Bcfm5Vj36NWPyR_VxHXeh-tyTAG1_uav7yJGQ3kyu3g==
user
www.promobutler.be/ 		0
318 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/user
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/js/producer-detail.min.js?v=0.0.1-20211008103851.9cd01515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/user
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
access-control-max-age
0
cache-control
private, max-age=0, no-cache
strict-transport-security
max-age=15552000; preload
cf-ray
6a2adba54e2b2774-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
i18n
www.promobutler.be/ 		68 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/i18n
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/js/producer-detail.min.js?v=0.0.1-20211008103851.9cd01515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a3f9789aa77a3c08d2db600ed0afe68c84e0b329a863ee45bbcc8bb84251f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

:path
/i18n
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-max-age
0
cache-control
private, max-age=0, no-cache
strict-transport-security
max-age=15552000; preload
cf-ray
6a2adba54e2f2774-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-railgun
direct (starting new WAN connection)
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Lidl%20folders%20en%20promoties%20van%20dit%20moment&time=1634990981927&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=http%3A%2F%2Fr.email.promobutler.be%2F&host_url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&random_number=13481340550&sess_cookie=bac75c1c17cad0e832608653eef&sess_cookie_flag=1&user_cookie=bac75c1c17cad0e832608653eef&user_cookie_flag=1&dynamic=true&domain=promobutler.be&account=uRpxu1DTcA20Ug&jsv=20130128&user_lang=en-US
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 02:07:26 GMT
Via
1.1 0c39e892d8c809025c8f47425847f681.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
36507
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA56-P5
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
EOrvfpmYBUP2RvzXYMbs91o5Vwe_XHLF5Hv37KJ6GtslplBwnnqQ_Q==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.123.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-123-56.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
server
Server
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1589
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a2adba59c21410d-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 26 Oct 2021 12:09:42 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=116110928&t=pageview&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1988704938&gjid=615300009&cid=23670807.1634990982&tid=UA-2482376-1&_gid=800366232.1634990982&_r=1&gtm=2wgak0NDZL236&z=1094024347
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.promobutler.be/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.promobutler.be
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=item&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id_level_1%22%3A%2245%22%2C%22cat_id_level_2%22%3A%222805%22%2C%22cat_id_level_3%22%3A%2267495%22%2C%22folder_id%22%3A%22134195%22%2C%22folder_name%22%3A%22jambooty_2243117%22%2C%22is_mobile%22%3A%22false%22%2C%22item_id%22%3A%2210655744%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAAC~&jid=637691845&gjid=1103090384&cid=23670807.1634990982&tid=UA-2482376-11&_gid=800366232.1634990982&_r=1&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd6=134195&cd7=false&z=1177848794
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.promobutler.be/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.promobutler.be
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=producer&ea=view&el=%7B%22is_mobile%22%3A%22false%22%2C%22is_organic%22%3Afalse%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A4704%2C%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%7D&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=23670807.1634990982&tid=UA-2482376-1&_gid=800366232.1634990982&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd7=false&z=668288351
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 23:43:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B43%2C%2062%2C%2075%2C%2085%2C%2091%2C%20106%5D%22%2C%22folder_id%22%3A%22134411%22%2C%22folder_name%22%3A%22jambooty_2243780%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=23670807.1634990982&tid=UA-2482376-11&_gid=800366232.1634990982&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd6=134411&cd7=false&z=471831265
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 23:43:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=item&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id_level_1%22%3A%2294%22%2C%22cat_id_level_2%22%3A%221787%22%2C%22cat_id_level_3%22%3A%2270481%22%2C%22folder_id%22%3A%22134195%22%2C%22folder_name%22%3A%22jambooty_2243117%22%2C%22is_mobile%22%3A%22false%22%2C%22item_id%22%3A%2210655234%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=23670807.1634990982&tid=UA-2482376-11&_gid=800366232.1634990982&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd6=134195&cd7=false&z=375119452
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 23:43:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B74%2C%20105%5D%22%2C%22folder_id%22%3A%22133040%22%2C%22folder_name%22%3A%22jambooty_2239937%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=23670807.1634990982&tid=UA-2482376-11&_gid=800366232.1634990982&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd6=133040&cd7=false&z=1362183392
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 23:43:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=item&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id_level_1%22%3A%2239%22%2C%22cat_id_level_2%22%3A%221720%22%2C%22cat_id_level_3%22%3A%2272716%22%2C%22folder_id%22%3A%22134195%22%2C%22folder_name%22%3A%22jambooty_2243117%22%2C%22is_mobile%22%3A%22false%22%2C%22item_id%22%3A%2210655489%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=23670807.1634990982&tid=UA-2482376-11&_gid=800366232.1634990982&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd6=134195&cd7=false&z=1810553933
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 23:43:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=folder&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id%22%3A%22%5B39%2C%2041%2C%2045%2C%2062%2C%2090%2C%20106%5D%22%2C%22folder_id%22%3A%22134195%22%2C%22folder_name%22%3A%22jambooty_2243117%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=23670807.1634990982&tid=UA-2482376-11&_gid=800366232.1634990982&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd6=134195&cd7=false&z=723731560
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 23:43:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=producer&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22is_mobile%22%3A%22false%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=23670807.1634990982&tid=UA-2482376-11&_gid=800366232.1634990982&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd6=134195&cd7=false&z=1967492021
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 23:43:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=116110928&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&dr=http%3A%2F%2Fr.email.promobutler.be%2F&ul=en-us&de=UTF-8&dt=Lidl%20folders%20en%20promoties%20van%20dit%20moment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=item&ea=glimpse&el=%7B%22origin%22%3A%22be%22%2C%22mainlocation%22%3A%22be%22%2C%22cat_id_level_1%22%3A%2287%22%2C%22cat_id_level_2%22%3A%221562%22%2C%22cat_id_level_3%22%3A%2271197%22%2C%22folder_id%22%3A%22134195%22%2C%22folder_name%22%3A%22jambooty_2243117%22%2C%22is_mobile%22%3A%22false%22%2C%22item_id%22%3A%2210655747%22%2C%22language%22%3A%22nl%22%2C%22shop_id%22%3A%224704%22%7D&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=23670807.1634990982&tid=UA-2482376-11&_gid=800366232.1634990982&gtm=2wgak0NDZL236&cd1=4704&cd4=nl&cd6=134195&cd7=false&z=1686300342
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 23:43:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
runtime.2.10.4.js
st.getsitecontrol.com/main/runtime/ 		403 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.getsitecontrol.com/main/runtime/runtime.2.10.4.js
Requested by
Host: widgets.getsitecontrol.com
URL: https://widgets.getsitecontrol.com/138533/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE1-752 /
Resource Hash
e99235caac1dc00f2fb631896feceafc55cadc5fd0bfd6cc673da6dac3f59af2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
br
cdn-edgestorageid
565
x-amz-request-id
ZS7AFK87WK8YAYV1
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-06-08 20:31:21
cdn-pullzone
44631
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
CWo4Z80zBDR47RV0eHMeZODQO5FZeagUXk9giRhV68OfFrL7wtfzKvqe2AQ27n885dBrZtiNlUM=
access-control-allow-origin
*
last-modified
Mon, 24 Sep 2018 08:05:29 GMT
server
BunnyCDN-DE1-752
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=2592000
cdn-requestid
0c7e1ec936a0b6f41dbc6ee0b180214b
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
collect
stats.g.doubleclick.net/j/ 		2 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-2482376-11&cid=23670807.1634990982&jid=637691845&gjid=1103090384&_gid=800366232.1634990982&_u=YEDAAEABAAAAAC~&z=1773013531
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.promobutler.be/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 Oct 2021 12:09:42 GMT
content-type
text/plain
access-control-allow-origin
https://www.promobutler.be
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-2482376-1&cid=23670807.1634990982&jid=1988704938&gjid=615300009&_gid=800366232.1634990982&_u=YEBAAAAAAAAAAC~&z=1272226867
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.promobutler.be/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 Oct 2021 12:09:42 GMT
content-type
text/plain
access-control-allow-origin
https://www.promobutler.be
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/5f14bf2d-fb70-4a75-b8ce-ca6bc398ec81/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/5f14bf2d-fb70-4a75-b8ce-ca6bc398ec81/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec4554fb8cda0ef0081ca1ca3a10b5907af181d0e4141f3d1bb3331907561e9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3541
cf-polished
origSize=4480
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
74f1d8ae-7de5-4554-a33c-471a298f9c33
x-runtime
0.097276
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8c6765a8606d56b056897217ea91d46c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6a2adba629d42798-PRG
access-control-allow-headers
SDK-Version
expires
Sat, 23 Oct 2021 13:09:42 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-2482376-11&cid=23670807.1634990982&jid=637691845&_u=YEDAAEABAAAAAC~&z=1366091250
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-2482376-1&cid=23670807.1634990982&jid=1988704938&_u=YEBAAAAAAAAAAC~&z=262910658
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9435.I7Pv9tybCKgysKZjuFx_2pHSXrHvdRNOfKC_sf9MCtN_eKFCRFONDSLlYzAPO6zp.w-QIuPc0ixEL-ts-QcqdHRqhHNo%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9435.ps9jEycb5hh_kg4GuukDJ95sVCAMb56OHpY9A5cy5idsEIdtHkjek9mkoFksRVI4ORuQ7nIJcHIvyKK1txqkrw%2C%2C.zUT36JGN3DnlRYwxevz2X2JXnf4%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9435.ps9jEycb5hh_kg4GuukDJ95sVCAMb56OHpY9A5cy5idsEIdtHkjek9mkoFksRVI4ORuQ7nIJcHIvyKK1txqkrw%2C%2C.zUT36JGN3DnlRYwxevz2X2JXnf4%2C
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9435.ps9jEycb5hh_kg4GuukDJ95sVCAMb56OHpY9A5cy5idsEIdtHkjek9mkoFksRVI4ORuQ7nIJcHIvyKK1txqkrw%2C%2C.zUT36JGN3DnlRYwxevz2X2JXnf4%2C
date
Sat, 23 Oct 2021 12:09:42 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
last-modified
Wed, 20 Oct 2021 16:44:53 GMT
etag
"61701d55-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 23 Oct 2021 13:09:42 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1677
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
6a2adba72e33410d-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 26 Oct 2021 12:09:42 GMT
icon
onesignal.com/api/v1/apps/5f14bf2d-fb70-4a75-b8ce-ca6bc398ec81/ 		176 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/5f14bf2d-fb70-4a75-b8ce-ca6bc398ec81/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe1d6f8f4ebae58dd2f8d6ba787ee5c3b4a4d15e01c8e213ae765349d4ffa9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
4093249a-6dd4-4c7c-93b3-790731af6ee7
x-runtime
0.010357
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bbe1d6f8f4ebae58dd2f8d6ba787ee5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7200
cf-ray
6a2adba78d66413e-PRG
access-control-allow-headers
SDK-Version
expires
Sat, 23 Oct 2021 14:09:42 GMT
1
mc.yandex.com/watch/68260960/
Redirect Chain
  • https://mc.yandex.com/watch/68260960?wmode=7&page-url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&page-ref=http%3A%2F%2Fr.email.promobutler.be%2F&cha...
  • https://mc.yandex.com/watch/68260960/1?wmode=7&page-url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&page-ref=http%3A%2F%2Fr.email.promobutler.be%2F&c...
364 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/68260960/1?wmode=7&page-url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&page-ref=http%3A%2F%2Fr.email.promobutler.be%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A926%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A84511021601%3Ahid%3A1067025536%3Az%3A0%3Ai%3A202101023120942%3Aet%3A1634990982%3Ac%3A1%3Arn%3A993517327%3Arqn%3A1%3Au%3A16349909821006663665%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634990980715%3Ads%3A9%2C39%2C438%2C4%2C1%2C0%2C%2C373%2C0%2C%2C%2C%2C1046%3Adsn%3A9%2C40%2C438%2C3%2C0%2C0%2C%2C553%2C0%2C%2C%2C%2C1046%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634990982%3At%3ALidl%20folders%20en%20promoties%20van%20dit%20moment&t=gdpr%2814%29ti%282%29
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
b46cbc1c99ddc46f6c94ce8f6e143b3e61bb75b793d5fe850770b926e1ecc7fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:42 GMT
x-content-type-options
nosniff
last-modified
Sat, 23-Oct-2021 12:09:42 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.promobutler.be
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
364
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 12:09:42 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:42 GMT
last-modified
Sat, 23-Oct-2021 12:09:42 GMT
location
/watch/68260960/1?wmode=7&page-url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&page-ref=http%3A%2F%2Fr.email.promobutler.be%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A926%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A84511021601%3Ahid%3A1067025536%3Az%3A0%3Ai%3A202101023120942%3Aet%3A1634990982%3Ac%3A1%3Arn%3A993517327%3Arqn%3A1%3Au%3A16349909821006663665%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634990980715%3Ads%3A9%2C39%2C438%2C4%2C1%2C0%2C%2C373%2C0%2C%2C%2C%2C1046%3Adsn%3A9%2C40%2C438%2C3%2C0%2C0%2C%2C553%2C0%2C%2C%2C%2C1046%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634990982%3At%3ALidl%20folders%20en%20promoties%20van%20dit%20moment&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.promobutler.be
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 12:09:42 GMT
be5e2fda-d852-4a9f-a446-b88b0277e3d8.png
img.onesignal.com/t/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/t/be5e2fda-d852-4a9f-a446-b88b0277e3d8.png
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5f4a1af30176d4ff660df794ebea661cd3a8b49cfc49eeeb51f4d4a4b44d42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
cf-cache-status
HIT
age
3540
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16239
x-amz-id-2
OLAWk/5GhseDBB9/xbLPUtozJLWGhBiaIDZaQ6D9MC3qkiZ0lU7yJ3OsX0e5yTOeYm2JOo7zJqA=
last-modified
Thu, 20 Dec 2018 13:18:32 GMT
server
cloudflare
etag
"041c8bcb6b783e3df28c003ea0690a3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
RJRZ9K6644ZZR45D
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a2adba87d602798-PRG
expires
Tue, 23 Nov 2021 12:09:42 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
396966db542c4bd587ec99dfa750a98b99d89a80e1a30a423e26e0687892ce1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1022 / 395 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27199
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Oct 2021 12:09:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
a231dfad9092738d0321c9c0131dbd182b4388e6c31255908d8353d6e6b73fd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51096
x-xss-protection
0
server
cafe
etag
1981098145779728362
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 12:09:42 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.promobutler.be
URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
07b8ef3d8e4260d1b768d9f3ff045763ed7ee08ee7b8ab70e70118742987896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40403
x-xss-protection
0
server
cafe
etag
15358625093618020659
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 12:09:42 GMT
rum
www.promobutler.be/cdn-cgi/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.promobutler.be/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.70.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.promobutler.be
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
__asc=bac75c1c17cad0e832608653eef; __auc=bac75c1c17cad0e832608653eef; _ga=GA1.2.23670807.1634990982; _gid=GA1.2.800366232.1634990982; _gat_UA-2482376-1=1; _gat_UA-2482376-11=1; _ym_uid=16349909821006663665; _ym_d=1634990982; _gu=9b80640f-4176-4ec7-b3e1-dd91d00ba7d6; _gs=2.s(src%3Dhttp%3A%2F%2Fr.email.promobutler.be%2F); _gw=2.u%5B%2C%2C%2C%2C%5Dv%5B~g8249%2C~1%2C~0%5Da(); _ym_isad=2; _ym_visorc=w
content-length
23305
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.promobutler.be
referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.promobutler.be
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6a2adba8fc472774-PRG
vary
Origin
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame E906 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211020/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.promobutler.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 22 Oct 2021 15:13:19 GMT
expires
Fri, 05 Nov 2021 15:13:19 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
75383
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/ 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js?bust=31063229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
b3099a97a0b5afb6b70810bb2fc1486758d2ab006055d11f197356482bdd0e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99030
x-xss-protection
0
server
cafe
etag
12563767464436874777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 12:09:42 GMT
pubads_impl_2021101901.js
securepubads.g.doubleclick.net/gpt/ 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125444
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Oct 2021 12:09:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		93 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.promobutler.be
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9d3544d4ba086d6a8db50c02d1c454d727d8bc2adbff25b335cf80f6dbba2dbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
87
x-xss-protection
0
expires
Sat, 23 Oct 2021 12:09:42 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.promobutler.be
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 12:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		166 KB
57 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1923023930653331&correlator=3188413670709553&output=ldjh&impl=fifs&eid=31063267%2C31062525%2C31063139%2C31062931&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=8525112%2CPB_Bannerslot_Shop_Lidl%2CMW_SKYSCRAPER_shops&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1634990981&dt=1634990982834&dlt=1634990981386&idt=1407&frm=20&biw=1600&bih=1200&oid=2&adxs=544%2C-9%2C544%2C-9%2C-9&adys=1024%2C-9%2C4117%2C-9%2C-9&adks=4172230306%2C1762574279%2C3638941695%2C3036886080%2C2189258927&ucis=1%7C2%7C3%7C4%7C5&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&ref=http%3A%2F%2Fr.email.promobutler.be%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1063x20%7C0x-1%7C1063x20%7C0x-1%7C0x-1&msz=728x0%7C0x-1%7C728x0%7C0x-1%7C0x-1&ga_vid=23670807.1634990982&ga_sid=1634990983&ga_hid=116110928&ga_fc=true&fws=4%2C2%2C4%2C2%2C2&ohw=1600%2C0%2C1600%2C0%2C0&btvi=0%7C-1%7C1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
31da6af2a8e9984baa3725fcfbc3f20d0479f7243099d5fe6e79611c9f5c38da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
58579
x-xss-protection
0
google-lineitem-id
5577224792,-1,5577224792,5577224792,5577224792
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138350464079,-1,138350869405,138338172995,138338220336
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.promobutler.be
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
container.html
2ded20e41b146ccf752209eb59c324bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BB99 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ded20e41b146ccf752209eb59c324bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2ded20e41b146ccf752209eb59c324bc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.promobutler.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 12:09:42 GMT
expires
Sun, 23 Oct 2022 12:09:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
dd257a8e8c15ec1b2b9733deae4cac71_214573444.jpg
media.getsitecontrol.com/main/images/138533/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.getsitecontrol.com/main/images/138533/dd257a8e8c15ec1b2b9733deae4cac71_214573444.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
f34d070df199c7297a2fca5664c9c2162492051a54abc9721c0ef2e6002824ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:43 GMT
cdn-edgestorageid
756
x-amz-request-id
HYEQJ3RRBKAYYXGV
cdn-cachedat
10/23/2021 00:17:24
cdn-pullzone
44663
content-length
205749
x-amz-id-2
LbzUAjYDSe4SKzHqfKxPrqUNZQnfmBeygzKx0tC29LLPnb5Ct2xiNopWn9PtfGkNHVPZf+Y7Gx0=
server
BunnyCDN-DE1-756
last-modified
Tue, 19 Oct 2021 08:44:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
max-age=2592000
cdn-requestid
7553336e0df49085141abdfb4535d145
accept-ranges
bytes
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
dd257a8e8c15ec1b2b9733deae4cac71_214573444.jpg
media.getsitecontrol.com/main/images/138533/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.getsitecontrol.com/main/images/138533/dd257a8e8c15ec1b2b9733deae4cac71_214573444.jpg
Requested by
Host: st.getsitecontrol.com
URL: https://st.getsitecontrol.com/main/runtime/runtime.2.10.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
f34d070df199c7297a2fca5664c9c2162492051a54abc9721c0ef2e6002824ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:43 GMT
cdn-edgestorageid
756
x-amz-request-id
HYEQJ3RRBKAYYXGV
cdn-cachedat
10/23/2021 00:17:24
cdn-pullzone
44663
content-length
205749
x-amz-id-2
LbzUAjYDSe4SKzHqfKxPrqUNZQnfmBeygzKx0tC29LLPnb5Ct2xiNopWn9PtfGkNHVPZf+Y7Gx0=
server
BunnyCDN-DE1-756
last-modified
Tue, 19 Oct 2021 08:44:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
max-age=2592000
cdn-requestid
6cece2b0031e15062c430b82c660ccc0
accept-ranges
bytes
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91225b71855e74fc455f4faf34369f4cfa2eb676f4d0d0ca3d43279bf7eb0289

Request headers

Referer
Origin
https://www.promobutler.be
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/octet-stream
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXr4RS7XHoIv3T5qUGADUtVLt4hB-xpFH_a83lmijE95z7SrZdhGH20zr8NIrZHo4VZJDLs-2ghzegi8cT8Qq-oSGFMTWgxZNKen6XaZgdDXHF5wXVripMAPuMaRVEaIG3eLP-s0Kby6A0K2xmrCPMyx84rCrGd4IPcX-99ffknHCr591YuawGOP3R7_TfOreTuEYdU96TCWOI7RH1cayyNrAT8zfdagQv98ORkxd9SNAYbOeFmoDqYsZrBxmmnmI5sbR9nqk0O5M5TPW-rhtRXNFOny8ozvoVKI3j4oYUWA2iOV3m2BIB1WfjblkrjvJWzyZHcC94P0x8FwTkFzde5nbjVkAczywzhCQW56aOqbZ--aZ5Zq-G&sai=AMfl-YSb7w7cwR8IyM67QXBftuuTjnAOKfLe5pxQolccjbDmwVnH95J36hQ_eH2qYFnpbmkyyiFFYM33s20Flp6yv1uLdJ8jvraccyKHxDX2nRs_-sOaLsgwQ1N1BHIIGyM&sig=Cg0ArKJSzODNEDw08ewMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 12:09:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 23 Oct 2021 12:09:43 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: r.email.promobutler.be
URL: http://r.email.promobutler.be/mk/cl/f/KVDaAjSpByJjnkwmvsSb4-wlGZfyg3noOvbF00DZseFlBzLrbX-zLcmyt8fYvbQuPiX1xxKE1YXksdpkOt_zIBufjVsOt2vKPV2geQt7bLI2Kd93G314erPGoYczjHusBJH7MTYWwdCPybzM8OueJeBwfTmMMgZcJvj2M2Lx9ZgsbZbR9LruGERG-d8urJxtv4sm4imNCzl27rnraPSBccmn8-dq05Z0chspJ86zpsOPxlMi63pI51ShjpP4hx2wcYvvZWNic0SC_XYuJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.promobutler.be/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 23 Oct 2021 12:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 12:09:43 GMT
PB_DKVL_728X90_NL__12639a6a-939d-43d1-bb33-8bd06775aca8_.jpg
s0.2mdn.net/9149037/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9149037/PB_DKVL_728X90_NL__12639a6a-939d-43d1-bb33-8bd06775aca8_.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
5fb982c821ea51ca88aedaae5e767903db84acf2a7395d1993765cc9d7a7bd14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:44 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 14:26:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67509
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 12:09:44 GMT
truncated
/ 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7edec0cee7ad6a6361c43637c0c0c0f1549650283fc06843fdaafd08ebe2e44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CA0D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.promobutler.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
90735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame CA0D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
47468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWlhedG_qUzqC25isfmqX2Unr46wSvzXCHBACtWwEQVwAXIXfwbX6Dip6aydUnsASIik8QQv7VBIAZwW7yVf3oHcww_dHq0L1tdf73_cbwUkFEG93jCFAp8gJO2KHuo2COWWDyo0VQBDzOp21EqWlVKIQUbAAiBe8MpkQd21QVTx9ugWye2V2es8i-fMndqSJBkl5tZcx4zuhKxoBF-pNsJBFxzI_DfwUyBQtQkBUGF-bAIFooXgcljQ7QrTyllfMUVmtBJ9tEMlfWvqE2ohJ64ue2vfsGyvGGkbOsbEtX9vh3uocJ8P2wyVAW4yWjC40AMw&sai=AMfl-YQLB62iuWayorZSaMETXB4VfUgh3IJb_u7W2R9E6gNvnq38HTKURfI1j5fxHQNV5LvMYvTQ2cGPw5bUOv4kpPX09qntwOIXcQjtDyldmrTLJdNwZa6ipJtAsf2e9Ic&sig=Cg0ArKJSzJ0ct-NIxFVkEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 12:09:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 23 Oct 2021 12:09:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
bffcaae6854237853fc6f63a3acb02e7ea220108a865c44f7dbf6b0e981957a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 12:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8669
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 23 Oct 2021 12:09:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4F54 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.promobutler.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 23 Oct 2021 12:01:24 GMT
expires
Sun, 23 Oct 2022 12:01:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
500
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame BE50 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
c0a3f68cf86a1647359899abeb535215b59ba9957a251d4d5e563480f6dc8d06
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IekQQ56vN/45ZP8O5AU3IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.promobutler.be/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 23 Oct 2021 12:09:44 GMT
date
Sat, 23 Oct 2021 12:09:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-IekQQ56vN/45ZP8O5AU3IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ Frame BE50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101901&jk=1923023930653331&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 4F54 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
47468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA0D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjPexhvtzYdusOofjgAe185zoCQAAAAA4AeAEAg&bg=!r6ylrOjNAAbUs_yW1LM7ACkAdvg8WkBB8gqmt5lhvEsM0_EQLvOTd7w2GszZyTVfFihcdhT9C94NKQIAAACJUgAAAAloAQeZAtHwWBNxld_HnHJO1BafLgycP8IJTI1w7ov-DVNuJsI7aet4C2bDt0qaU9jbrIKW7hxV5zXw9av0rz6l1d_icpZRYzqqag2ji1cX2q0iFscpPb-mMoye-bTSzrS3Nzo6EuVPgYwfmA_1IEB5l6kCCjOZbyWnK9_53LYKwoZB8bpTwvO_7_PkO8kCQM6pTe8-HisFt2OX5c1ZlJoLBObA6Pe9VmYyPu6qKps-CX5lgZgTmdfcdwLlOoKMtVicSbupcRuGfB6dbf0u1UgH2FZBWx_fGPDDBDwNKPV-bh3Lo82KqZ60vmeIXasxqgLCVqtyXFEAzDkse3Tzezfa81em4zXw9QY1zhE4SDKFxMJgJCtsUTSp01h3YMXMptMZ2oKeoAZ1IcOc9k25I_6m77geBgC4oRMF0tsXs-SGWR6dF1aIyR-ecAXjc6h9PMvNbMA-UIINZEF0PUYBKkS_WT85nInwlboP_radG93FcY786jJeEkulImwFnEfSFvzixT4ZyPgp3DQR-cvxxfJRQ6ypW10lUgh160apKffiairDd2Qt_bQrc9bDHBXbRI-1YMsmpOqQW_vt1x8EAwEgavkHEO9j2LsiNqqRdN6KmVHjep2d6Nhj9d3H3OS0Q2npsJyV185S6GLZJfKjqbwthgBCSHxnZHs0ZDNc_gRXX26tkdjePNa1qnd1aa4YYaIcpOvUqdm4YT8SGwImvfNJUmVSokTcJ5e2EOG4JZNF1qst3DVh9dmmFZho3FsgBVwLKoIkDe8dnC0v9L61CVvMxVdwhLj_NGiT-FJ18BKAVc0-Gu7pw4Hhdybh2oLTgVdqHn9GgTRkgpJ_gWm0tYzjjzmgTlqRZOK3-T0jbUoYZ4cO9aay2L2n5-tTfeTBZtVg1wsfnL-NBGPIz7GmS63rUnBTAdEKSlrAkGyIGqtNxVc61XFGy6xWsbpZAoYlOHBc2iRGRLKX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101901&jk=1923023930653331&bg=!WVqlWh7NAAbUs_yW1LM7ACkAdvg8WpZXWd9NsWFCzYpCngUbmhuIDdvMEbTxorLGUI94NjlKeTlkRAIAAABsUgAAAA1oAQeZArngYXzkuX-_ks7a_uCBbzU2SfNPpabWccMILJCup36eMXgwQAsG135C-pyj1COxuu753Gu0c6B_V016hW-OegOVfYnYBr9DacOGFJrnzc8dsypN48e8lXEFtoDxZmJu_T4ZLwPwJCfOBgshF-yZiL20w33NvcFhIKq-oOvPzCUC2BcRY9e1z6gEX-M7rSXbJN7sSXlTaAXY4tikr8qgi1fbBdrVv37bfVX9yv9E9AcB87ABjzxcHic3uBaBltsNNtHu1Ge7RAl0xYFZbF5sYyfl-dWV-I7y0HildPSirx6iTd6ZC25U_nVvcOyYsJ3jGdL41xYmuuulocpzJe4KGJQgaV90dOoyMfXt-nvAXMtSRE-khzxy30zSQK_K2XdNka2iu3bCDyIimh_UyXcN11lL9T-Y3SttqA3hUOJKV1w02hi7rAvceSSJ9vHSjWs07MLpJvIcW-kEft910Q1K3_B7DHh14wr4FIfjUugMSiI1Q42q11s4n9-mTZPxSgdEQA3IXnbwgI9hhHicNNu4mKG4hqcbvWFvE45hs5FtSeanVd67XgWMUZZqfzllD6JIWx1gja1dTR6qxgFD8g2Nbpw9TWE3XVbQv4EQcyFv93xUEGSYuCawpotZGUB8J8k_e478yEjAoCACSrLPhLrtxioIq33d5s1doy3caFSjKjWmshRgLUrlg33p5xRK79KRmm28nCISdCA0ghJZt9yDxxYj062pSPA8Ru3EJ97fDJgEPwWXr5o3a-fBSiG4tYJQOn7ZgnII_FPS6wx_sG7P5z1NEtF6G4CikLaQn6i3a52pRuhIOYClySRiHuJFbvpHo2YgeET_aHDoV9yg7Fk3gOWELlyMm1qw_zNYfzpNPrTQ0WNpFsUhvL8zqzXSpBuiPUVP5MJ7kbdJ9fEFGZVmOSkjOqpg9RSvfsjr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
68260960
mc.yandex.com/webvisor/ 		43 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/68260960?wmode=0&wv-part=1&wv-hit=1067025536&page-url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&rn=535122728&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1634990985%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A202101023120944%3Au%3A16349909821006663665%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634990985&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.promobutler.be/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:44 GMT
last-modified
Sat, 23-Oct-2021 12:09:44 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.promobutler.be
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 12:09:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZscf9eLphHTPb3fVPKDeYQ1OQ_5rp_u3zDEQgT3NR0xgVKseEV8L_m1NJaQbAeBCwR5zQhVz2ocJNxLIBz--BIM3ZYT20elFf2h48Plgye-AL33ra8x6BdyFDcWVajTmaLHSUVbMRkryBxkb_fHPDjUJ1ZmqSP_6-MQxJCFg4&sig=Cg0ArKJSzIZaXuv06JNTEAE&id=lidar2&mcvt=1000&p=0,0,90,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4172230306&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634990980715&rpt=3263&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.promobutler.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 12:09:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sibautomation.com
URL
https://sibautomation.com/cdn-cgi/rum?
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1923023930653331&correlator=3188413670709553&output=ldjh&impl=fifs&eid=31063267%2C31062525%2C31063139%2C31062931&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=pub-5410484939036777%2C3034230712&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1634990981&dt=1634990982842&dlt=1634990981386&idt=1407&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9&adys=-9%2C-9%2C-9&adks=3521370440%2C3523122832%2C3521673281&ucis=6%7C7%7C8&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&ref=http%3A%2F%2Fr.email.promobutler.be%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1&ga_vid=23670807.1634990982&ga_sid=1634990983&ga_hid=116110928&ga_fc=true&fws=2%2C2%2C2&ohw=0%2C0%2C0&btvi=-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| pb object| dataLayer object| googletag object| adSlot object| parameters object| __cfBeacon object| google_tag_manager function| _typeof function| _defineProperty function| _classPrivateFieldGet function| _classApplyDescriptorGet function| _classPrivateFieldSet function| _classExtractFieldDescriptor function| _classApplyDescriptorSet function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass object| storageHandler object| favoritesHandler string| regionStorageKey object| nmeReady function| DataStore object| optinHandler object| loginHandler object| userDataService object| eventHandler function| EventHandler function| ModalHandlers object| Utils function| Empty object| _value function| Value object| i18nHandler function| I18NHandler object| GA function| ZoomHandler function| NmeDistance function| RegionService function| doPost function| $ function| jQuery object| Handlebars object| google_tag_data string| GoogleAnalyticsObject function| ga object| _atrk_opts object| _gscq function| OneSignal function| geoLocationSuccess function| ym function| atrk boolean| _atrk_fired object| gaplugins object| gaGlobal object| gaData number| __oneSignalSdkLoadCount function| __jp0 object| Ya object| yaCounter68260960 function| gscwidgets object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_client object| google_ad_format object| google_ad_height object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_slot object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_ad_width object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl boolean| inDapIF boolean| inGptIF object| dicnf object| viewReq function| vu object| GoogleTyFxhY number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| google_image_requests

23 Cookies

Domain/Path Name / Value
sibautomation.com/ Name: uuid
Value: a3b4ffb3-7474-44b2-83e8-bd0662072dc6
.promobutler.be/ Name: __asc
Value: bac75c1c17cad0e832608653eef
.promobutler.be/ Name: __auc
Value: bac75c1c17cad0e832608653eef
.promobutler.be/ Name: _ga
Value: GA1.2.23670807.1634990982
.promobutler.be/ Name: _gid
Value: GA1.2.800366232.1634990982
.promobutler.be/ Name: _gat_UA-2482376-1
Value: 1
.promobutler.be/ Name: _gat_UA-2482376-11
Value: 1
.promobutler.be/ Name: _ym_uid
Value: 16349909821006663665
.promobutler.be/ Name: _ym_d
Value: 1634990982
www.promobutler.be/ Name: _gu
Value: 9b80640f-4176-4ec7-b3e1-dd91d00ba7d6
www.promobutler.be/ Name: _gs
Value: 2.s(src%3Dhttp%3A%2F%2Fr.email.promobutler.be%2F)
www.promobutler.be/ Name: _gw
Value: 2.u%5B%2C%2C%2C%2C%5Dv%5B~g8249%2C~1%2C~0%5Da()
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1314941898fake
.promobutler.be/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3498254715fake
.yandex.com/ Name: yandexuid
Value: 2286634161634990982
.yandex.com/ Name: yuidss
Value: 2286634161634990982
mc.yandex.com/ Name: yabs-sid
Value: 1036977171634990982
.yandex.com/ Name: i
Value: kA6xDlowP0wSvG4TUoQo8tLoSFsWwW3sjPKOiBwimkiuVJxex7AIo2kbbho19QUKmVCuViQaU8Y8cu7ffng+l3JgEak=
.yandex.com/ Name: ymex
Value: 1666526982.yrts.1634990982#1666526982.yrtsi.1634990982
.promobutler.be/ Name: _ym_visorc
Value: w
.promobutler.be/ Name: __gads
Value: ID=6f2a57777f1aefde-226190a4feca00c9:T=1634990982:S=ALNI_Mb2iyIvEpLAYcKeLYJZc0n0E8_VZg
.doubleclick.net/ Name: IDE
Value: AHWqTUlg8PAlwaS8WK-kQgSOMP66T-HD6ArGHhK1fg1hbVaXm8auAAOpBYgjjPE-RaQ

7 Console Messages

Source Level URL
Text
network error URL: https://www.promobutler.be/user
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9435.ps9jEycb5hh_kg4GuukDJ95sVCAMb56OHpY9A5cy5idsEIdtHkjek9mkoFksRVI4ORuQ7nIJcHIvyKK1txqkrw%2C%2C.zUT36JGN3DnlRYwxevz2X2JXnf4%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://pagead2.googlesyndication.com/pagead/show_ads.js(Line 52)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript error URL: https://www.promobutler.be/nl/lidl/winkels?km_pb_email=guido.goos@live.be
Message:
Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1923023930653331&correlator=3188413670709553&output=ldjh&impl=fifs&eid=31063267%2C31062525%2C31063139%2C31062931&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=pub-5410484939036777%2C3034230712&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1634990981&dt=1634990982842&dlt=1634990981386&idt=1407&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9&adys=-9%2C-9%2C-9&adks=3521370440%2C3523122832%2C3521673281&ucis=6%7C7%7C8&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&ref=http%3A%2F%2Fr.email.promobutler.be%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1&ga_vid=23670807.1634990982&ga_sid=1634990983&ga_hid=116110928&ga_fc=true&fws=2%2C2%2C2&ohw=0%2C0%2C0&btvi=-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1' from origin 'https://www.promobutler.be' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1923023930653331&correlator=3188413670709553&output=ldjh&impl=fifs&eid=31063267%2C31062525%2C31063139%2C31062931&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=pub-5410484939036777%2C3034230712&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1634990981&dt=1634990982842&dlt=1634990981386&idt=1407&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9&adys=-9%2C-9%2C-9&adks=3521370440%2C3523122832%2C3521673281&ucis=6%7C7%7C8&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.promobutler.be%2Fnl%2Flidl%2Fwinkels%3Fkm_pb_email%3Dguido.goos%40live.be&ref=http%3A%2F%2Fr.email.promobutler.be%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1&ga_vid=23670807.1634990982&ga_sid=1634990983&ga_hid=116110928&ga_fc=true&fws=2%2C2%2C2&ohw=0%2C0%2C0&btvi=-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ded20e41b146ccf752209eb59c324bc.safeframe.googlesyndication.com
adservice.google.com
cdn.onesignal.com
certify-js.alexametrics.com
certify.alexametrics.com
d31qbv1cthcecs.cloudfront.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
img.folders.eu
img.onesignal.com
in-automate.sendinblue.com
mc.yandex.com
mc.yandex.ru
media.getsitecontrol.com
onesignal.com
pagead2.googlesyndication.com
publish.folders.eu
r.email.promobutler.be
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s0.2mdn.net
securepubads.g.doubleclick.net
sibautomation.com
st.getsitecontrol.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
widgets.getsitecontrol.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.promobutler.be
securepubads.g.doubleclick.net
sibautomation.com
104.16.95.65
104.18.225.52
104.18.226.52
104.22.70.138
108.177.15.156
142.250.181.226
142.250.184.194
142.250.184.200
142.250.185.129
142.250.186.134
142.250.186.164
142.250.186.174
142.250.186.98
151.101.2.132
172.217.23.97
172.67.20.204
172.67.208.48
18.66.112.71
18.66.97.14
18.66.97.58
185.107.232.127
185.107.232.249
216.58.212.162
44.239.123.56
87.250.250.119
89.187.169.3
89.187.169.47
07b8ef3d8e4260d1b768d9f3ff045763ed7ee08ee7b8ab70e70118742987896f
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0fecba2eae600b3c4110f129ab8800c3a8d0c0743dda3b139250681a7c43d5c8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
1a79935d39890c7fe7825b17f2536b309e40dcf0a1b232712c424dbda78c8f7e
1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591
1e2685f2c4fd2404a906c0b92986397173a87d79b78e3c29ba547869dfb3fefa
2347c0b77a1bc899b57469d3ef7b7dbbc2a1e3ddb6cb4656af7dd958de25078e
31da6af2a8e9984baa3725fcfbc3f20d0479f7243099d5fe6e79611c9f5c38da
38ec394aaa197e61106ee3765487d200a7098bde33793e304848948a6febc844
396966db542c4bd587ec99dfa750a98b99d89a80e1a30a423e26e0687892ce1f
433729bbb5b3c6d003b6708666424abe50ac01cdaefca6e1ef2d6e24d0b001bf
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
521f95a1760dab6d4a73f94383fc4e18b9fb0d19c8649ceabea070dba9b05e53
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5fb982c821ea51ca88aedaae5e767903db84acf2a7395d1993765cc9d7a7bd14
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
7783d0b152dccc308d650c235b6186577138532ad341764fa09350b9b861af1d
7ec5f2ac9aa9d5c88964a168c1e017445750657ab7e1f9a1d8cb0410b9c750f3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
91225b71855e74fc455f4faf34369f4cfa2eb676f4d0d0ca3d43279bf7eb0289
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf
9d3544d4ba086d6a8db50c02d1c454d727d8bc2adbff25b335cf80f6dbba2dbc
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a231dfad9092738d0321c9c0131dbd182b4388e6c31255908d8353d6e6b73fd7
a45301cd5e2b6348a2260874953114795eee4c390c85a114c5d9a954e0d1109a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
af4b3d72c942dc98ce343f773c10f389cf54adc2993e9d29ebc24522482bca52
b137ce33f391b5f42f3242d4e925e3c1ae9a988c1c889a5af9b89d930f01d6da
b3099a97a0b5afb6b70810bb2fc1486758d2ab006055d11f197356482bdd0e89
b38577a7e7af67d5ccbcd5ca792a05a09a962bd79de97f5d851548104c230c09
b46cbc1c99ddc46f6c94ce8f6e143b3e61bb75b793d5fe850770b926e1ecc7fc
b48df2ab0ef8e02fd3308ad45b6c20ca06a6f8d8d5a71debef6a999baccc0332
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b78a7e7b50bb95b37700b587234f062cf268e3a03646e94ecc0d870fd2693962
bbe1d6f8f4ebae58dd2f8d6ba787ee5c3b4a4d15e01c8e213ae765349d4ffa9a
bccbb75744006b250315fc2ff9932b47257c1dbe652103d02db8a075ef6ff51e
bffcaae6854237853fc6f63a3acb02e7ea220108a865c44f7dbf6b0e981957a6
c0917a118c7a30626c535398421f1aa70bde83f0776ce51a82c50da2d4769e7f
c0a3f68cf86a1647359899abeb535215b59ba9957a251d4d5e563480f6dc8d06
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
d1a3f9789aa77a3c08d2db600ed0afe68c84e0b329a863ee45bbcc8bb84251f5
d7edec0cee7ad6a6361c43637c0c0c0f1549650283fc06843fdaafd08ebe2e44
db51cc83b8e719d85f8f05904171da933498f4b3c9163bff05c58419f503652e
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4705d6e024bc456b308e5328120789d60a03bbb7702c8c10167336aa72b9e4
df5f4a1af30176d4ff660df794ebea661cd3a8b49cfc49eeeb51f4d4a4b44d42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99235caac1dc00f2fb631896feceafc55cadc5fd0bfd6cc673da6dac3f59af2
ec4554fb8cda0ef0081ca1ca3a10b5907af181d0e4141f3d1bb3331907561e9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34d070df199c7297a2fca5664c9c2162492051a54abc9721c0ef2e6002824ef
fa8edd03e38e0752253d02ff224d07670301667943e30fd56bb62fe6d12b63d7
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3