urlscan.io logo urlscan.io
SecurityTrails logo

www.nestlepromo.be Open in urlscan Pro
51.68.86.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.notification.nestle.be/?qs=816af7fffce480a2c08a6af282c49dc6f0e39eb24b9c4f99130c5b305338dfbf85cdb4a475a961636b81e63b14cd...
Effective URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly20...
Submission: On July 30 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 44 HTTP transactions. The main IP is 51.68.86.75, located in France and belongs to OVH, FR. The main domain is www.nestlepromo.be.
TLS certificate: Issued by R3 on July 2nd 2021. Valid for: 3 months.
This is the only time www.nestlepromo.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.36.115 22606 (EXACT-7)
2 15 51.68.86.75 16276 (OVH)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
12 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 51.89.119.165 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
8 104.111.244.187 16625 (AKAMAI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 18.211.116.125 14618 (AMAZON-AES)
44 9
1    13.111.36.115 (United States)

ASN22606 (EXACT-7, US)
PTR: click.notification.nestle.be
click.notification.nestle.be
15    51.68.86.75 (France)

ASN16276 (OVH, FR)
www.nestlepromo.be
player.qualifio.com
3    2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
assets.qualifio.com
12    2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
files.qualifio.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    51.89.119.165 (London, United Kingdom)

ASN16276 (OVH, FR)
fonts.qualifio.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com
c.evidon.com
2    2a02:26f0:6c00::210:bab8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.nestle.co.uk
3    18.211.116.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-116-125.compute-1.amazonaws.com
l.evidon.com
Domain Requested by
12 files.qualifio.com www.nestlepromo.be
12 www.nestlepromo.be 2 redirects files.qualifio.com
www.nestlepromo.be
8 c.evidon.com www.nestlepromo.be
c.evidon.com
3 l.evidon.com www.nestlepromo.be
3 player.qualifio.com www.nestlepromo.be
3 assets.qualifio.com www.nestlepromo.be
assets.qualifio.com
2 apps.nestle.co.uk www.googletagmanager.com
1 www.googletagmanager.com www.nestlepromo.be
1 fonts.qualifio.com www.nestlepromo.be
1 cdnjs.cloudflare.com www.nestlepromo.be
1 click.notification.nestle.be 1 redirects
44 11

This site contains links to these domains. Also see Links.

Domain
pages.notification.nestle.be
www.nestle.be
Subject Issuer Validity Valid
www.nestlepromo.be
R3		 2021-07-02 -
2021-09-30		 3 months crt.sh
1191670140.rsc.cdn77.org
R3		 2021-06-15 -
2021-09-13		 3 months crt.sh
1220507597.rsc.cdn77.org
R3		 2021-07-07 -
2021-10-05		 3 months crt.sh
player.qualifio.com
R3		 2021-07-27 -
2021-10-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
fonts.qualifio.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.evidon.com
DigiCert SHA2 Secure Server CA		 2021-05-30 -
2022-06-08		 a year crt.sh
prod11.edgeduck.io
R3		 2021-07-23 -
2021-10-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Frame ID: 87EEAFEB72DC3CE5DCEF6CA4858B643B
Requests: 5 HTTP requests in this frame

Frame: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Frame ID: 417CF63324014C88DDFD07D58C238B6C
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.notification.nestle.be/?qs=816af7fffce480a2c08a6af282c49dc6f0e39eb24b9c4f99130c5b305338dfbf85cdb4a4... HTTP 302
    https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_... Page URL

Page Statistics

44
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

11
Subdomains

9
IPs

4
Countries

3870 kB
Transfer

11626 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.notification.nestle.be/?qs=816af7fffce480a2c08a6af282c49dc6f0e39eb24b9c4f99130c5b305338dfbf85cdb4a475a961636b81e63b14cd118122dd8f04a57c9bd3d75dca1eecef0aa1 HTTP 302
    https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/v1.cfm?id=75EE418D-9051-2B50-1697-BD026D090A59&pdomain=https://www.nestlepromo.be&utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN HTTP 302
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?id=75EE418D-9051-2B50-1697-BD026D090A59&pdomain=https://www.nestlepromo.be&utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN HTTP 302
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Smiley-2-NL.html
www.nestlepromo.be/quiz/463567_465/
Redirect Chain
  • https://click.notification.nestle.be/?qs=816af7fffce480a2c08a6af282c49dc6f0e39eb24b9c4f99130c5b305338dfbf85cdb4a475a961636b81e63b14cd118122dd8f04a57c9bd3d75dca1eecef0aa1
  • https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
a255ed8e632faf73c976af6431618ccdcc95dcaed225b0ac8c542922106642dc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.nestlepromo.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:36 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1, s-maxage=60, max-stale=120
content-encoding
gzip
age
0
server
NCSA/1.4.2
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
transfer-encoding
chunked

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Date
Fri, 30 Jul 2021 08:47:35 GMT
Connection
close
Content-Length
253
55F0CC74-B483-427B-855A-F34E61148B5D.min.css
assets.qualifio.com/nestle_belgium/css/ 		1 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.qualifio.com/nestle_belgium/css/55F0CC74-B483-427B-855A-F34E61148B5D.min.css
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0533681d4b9e52c993e0fe0c632925a016c0f7a017aba58eb63ede338d8ed3ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
AecS3I5Gd3w=
age
41311
x-77-cache
HIT
x-cache
HIT
x-age
529251
alt-svc
quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1ry8XVXPvYxMIAA==
x-accel-expires
@1627710405
last-modified
Mon, 26 Apr 2021 21:26:10 GMT
server
CDN77-Turbo
etag
W/"2d824c8b8223430699b593ee9b607f0b"
vary
Accept-Encoding
x-amz-version-id
UzHasbgRE0WjtG0I5ssu3L_TEWRg82OG
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable, stale-while-revalidate=86400
content-type
text/css
7496A106-A0DD-CAA0-C428BBCE43331838.gif
files.qualifio.com/library/nestle_belgium/pubs/2018/04/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.qualifio.com/library/nestle_belgium/pubs/2018/04/7496A106-A0DD-CAA0-C428BBCE43331838.gif
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
02f64c74ff5e979f732ec1dd218f431befb7967df00ff11dba6a070a5d961ada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:36 GMT
x-content-type-options
nosniff
x-77-nzt-ray
R3XLx5GQadY=
age
4914
x-cache
REVALIDATED
x-age
49362
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
content-length
1196175
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzUBKkXO0sAAAA==
x-accel-expires
@1627645656
last-modified
Fri, 13 Apr 2018 11:53:52 GMT
server
CDN77-Turbo
etag
"2040301463"
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
elastic-apm-opentracing.umd.min.js
files.qualifio.com/kit/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a3ec91131cb1e9833446ac708e469d8e105b1eec205e393887f52a89cdd9c07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
I8e6wkwZWec=
age
188
x-77-cache
HIT
x-cache
HIT
x-age
7549
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzWa/krvfR0AAA==
x-accel-expires
@1627638107
last-modified
Tue, 02 Feb 2021 09:59:38 GMT
server
CDN77-Turbo
etag
W/"2901951519"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
qualp.2.min.js
files.qualifio.com/kit/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/kit/qualp.2.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0900a5648fb7559b1cb512379a9aa461f0a7150083f954f2ddb93d8f8eb28fb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
6304
x-77-cache
HIT
x-cache
HIT
x-age
9910
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzU7T2LvtiYAAA==
x-accel-expires
@1627635746
last-modified
Thu, 22 Jul 2021 15:21:28 GMT
server
CDN77-Turbo
x-77-nzt-ray
CllRidadsM0=
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=10800
access-control-allow-credentials
true
etag
W/"60f98cf8-4693"
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
v1.cfm
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/ Frame 417C
Redirect Chain
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/v1.cfm?id=75EE418D-9051-2B50-1697-BD026D090A59&pdomain=https://www.nestlepromo.be&utm_source=newsletter&utm_medium=email&utm_campa...
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?id=75EE418D-9051-2B50-1697-BD026D090A59&pdomain=https://www.nestlepromo.be&utm_source=newsletter&utm_medium=email&utm_...
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
48 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/kit/qualp.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
14046a13e740217d1a94b3dc71d7c9495fadf750e154bebc84d9c34d08f42bd2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.nestlepromo.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN

Response headers

pragma
no-cache
cache-control
no-cache
content-type
text/html;charset=utf-8
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
vary
Accept-Encoding
age
0
server
NCSA/1.4.2
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
upgrade-insecure-requests
x-varnish-hits
0
accept-ranges
bytes
transfer-encoding
chunked

Redirect headers

pragma
no-cache
cache-control
no-cache
location
v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
content-type
text/html;charset=utf-8
date
Fri, 30 Jul 2021 08:47:36 GMT
content-encoding
gzip
vary
Accept-Encoding
age
0
server
NCSA/1.4.2
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
upgrade-insecure-requests
x-varnish-hits
0
content-length
91
jquery.min.js
files.qualifio.com/static/common/js/jquery/1.11.3/ Frame 417C 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
plXDQ3P9kHo=
age
7735
x-77-cache
HIT
x-cache
HIT
x-age
7361
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzW4u67vwRwAAA==
x-accel-expires
@1627638296
last-modified
Fri, 07 Aug 2015 09:43:18 GMT
server
CDN77-Turbo
etag
W/"3668534353"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
jquery-migrate-1.2.1.min.js
files.qualifio.com/static/common/js/jquery/ Frame 417C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/static/common/js/jquery/jquery-migrate-1.2.1.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3836
x-77-cache
HIT
x-cache
HIT
x-age
7942
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzVCpcnvBh8AAA==
x-accel-expires
@1627637715
last-modified
Thu, 08 Oct 2020 08:29:13 GMT
server
CDN77-Turbo
x-iplb-request-id
3344564B:BED6_3626E64B:0050_61038EA6_2AB3C05:1451
x-77-nzt-ray
UsDiJNm9Xvg=
vary
Accept-Encoding
x-object-meta-mtime
1438941216.165561
access-control-allow-origin
*
x-timestamp
1602145752.74165
cache-control
public, max-age=10800
etag
W/eb05d8d73b5b13d8d84308a4751ece96
content-type
application/javascript
jquery-ui.min.css
files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/ Frame 417C 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/jquery-ui.min.css?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a5421846ea8b19550ff03785d18e15f700fb56b82d79379856056ae59fc28478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
Tz+Uyhyfe9I=
age
10043
x-77-cache
HIT
x-cache
HIT
x-age
7815
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzXjGr3vhx4AAA==
x-accel-expires
@1627637842
last-modified
Mon, 02 Mar 2020 13:17:56 GMT
server
CDN77-Turbo
etag
W/"1822212208"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
jquery-ui.min.js
files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/ Frame 417C 		235 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/jquery-ui.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e34c0cc1e6cfafa9dd2cf20f1c77d0ffaf293aeb9745cc7d53670e0100f8381d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
l/21ENU/P3g=
age
2083
x-77-cache
HIT
x-cache
HIT
x-age
7945
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzWXqvbvCR8AAA==
x-accel-expires
@1627637712
last-modified
Fri, 07 Aug 2015 13:27:37 GMT
server
CDN77-Turbo
etag
W/"1431326520"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
jquery-ui.min.css
player.qualifio.com/20/js/autocomplete/ Frame 417C 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.qualifio.com/20/js/autocomplete/jquery-ui.min.css
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
5474ee8921895995993d2e2360f6fb9ade26aab74d749c68823e23b6ae562808
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-hits
80
date
Fri, 30 Jul 2021 08:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jul 2021 19:08:21 GMT
server
NCSA/1.4.2
age
35
etag
W/"15756-1626376101000"
vary
Accept-Encoding
content-type
text/css
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
4999
x-xss-protection
1; mode=block
jquery.fancybox.min.js
files.qualifio.com/static/common/js/fancybox/source/ Frame 417C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/static/common/js/fancybox/source/jquery.fancybox.min.js?v=1?v=2.0.6
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9825531d5b00159fcd4e0042f3b5f4fc2eb147cb9974bb54fb20a0d68a763c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8554
x-77-cache
HIT
x-cache
HIT
x-age
7945
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzVf2CbvCR8AAA==
x-accel-expires
@1627637712
last-modified
Thu, 08 Oct 2020 08:29:13 GMT
server
CDN77-Turbo
x-iplb-request-id
3344564B:CE76_3626E64B:0050_61037C35_3802BC6:57FE
x-77-nzt-ray
v/UunJekqg0=
vary
Accept-Encoding
x-object-meta-mtime
1438946395.171265
access-control-allow-origin
*
x-timestamp
1602145752.42726
cache-control
public, max-age=10800
etag
W/9989bced5bb75fecbef2dbca0d7f8228
content-type
application/javascript
jquery.fancybox.css
files.qualifio.com/static/common/js/fancybox/source/ Frame 417C 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/static/common/js/fancybox/source/jquery.fancybox.css?v=1?v=2.0.6
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
11578b6e7afc3a18b6c21a953875c3670b822fff5c7bfa7119ad30186d2c29cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
Gi2pc6ShVPM=
age
5066
x-77-cache
HIT
x-cache
HIT
x-age
7945
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzWHW9jvCR8AAA==
x-accel-expires
@1627637712
last-modified
Wed, 26 Feb 2020 11:31:05 GMT
server
CDN77-Turbo
etag
W/"915859904"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
jquery.validate.js
www.nestlepromo.be/20/js/validate/ Frame 417C 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/20/js/validate/jquery.validate.js?version=4
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
fba8a618ef77fbc5cebc12ca68497499f595c802a29a24863fc9fcc1f56592a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.nestlepromo.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Connection
keep-alive
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-hits
0
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jul 2021 19:08:21 GMT
server
NCSA/1.4.2
age
0
etag
W/"47393-1626376101000"
vary
Accept-Encoding
content-type
application/javascript
transfer-encoding
chunked
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-xss-protection
1; mode=block
additional-methods.js
www.nestlepromo.be/20/js/validate/ Frame 417C 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/20/js/validate/additional-methods.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
f5682309af2488d0f8bd28817ca161123116117074743284ace0469b7c5608f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.nestlepromo.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Connection
keep-alive
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-hits
0
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jul 2021 19:08:21 GMT
server
NCSA/1.4.2
age
0
etag
W/"38727-1626376101000"
vary
Accept-Encoding
content-type
application/javascript
transfer-encoding
chunked
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-xss-protection
1; mode=block
validateDate.js
www.nestlepromo.be/20/js/validate/ Frame 417C 		217 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/20/js/validate/validateDate.js?version=2
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
bd456ba86769041e7f82800178460c1da5846e1ab27cdaeac7b678311d48fe69
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.nestlepromo.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Connection
keep-alive
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-hits
0
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jul 2021 19:08:21 GMT
server
NCSA/1.4.2
age
0
etag
W/"222207-1626376101000"
vary
Accept-Encoding
content-type
application/javascript
transfer-encoding
chunked
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-xss-protection
1; mode=block
jquery.inputmask.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/ Frame 417C 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/jquery.inputmask.bundle.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d00a43e3b1c901b663bad31799b39eb483cff9bf4e03bce932128d35ce14a9a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
126894
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20268
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-128e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7S5p1wb8E8L8sVZHRbQ%2BIcN899lr21rC4i5vbBWYdgR6pF0h5IZt9WiRs%2Bo5VasnSKwu5cgkSXxfqUVsTHzbv0KOCG%2FjyVK2ZcCGTLTxcsmOaxTEzW%2FQLXZUMM%2BN2ZJZ6vyLTX5U85sVdBChdPsfwtL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
676d52c28f8f1f2d-FRA
expires
Wed, 20 Jul 2022 08:47:37 GMT
player.css.cfm
www.nestlepromo.be/20/ws/css/ Frame 417C 		40 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/20/ws/css/player.css.cfm?questionset=true&justification=true&v=CC7A0E6B518D6D0D7EC0BBE04B2BE819
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
2d908a3008edab40d94af4552478dfba24392deb6f93873d38ed07511b125251
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.nestlepromo.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Connection
keep-alive
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-hits
0
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
NCSA/1.4.2
age
0
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=900
transfer-encoding
chunked
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-xss-protection
1; mode=block
qlf_datalayer.1.4.0.min.js
files.qualifio.com/static/common/js_new/qlf_datalayer/ Frame 417C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/static/common/js_new/qlf_datalayer/qlf_datalayer.1.4.0.min.js?v=2
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48fbe1f57977d227e7e2ee53ba84e2c0e9f93a87d19a2db35df8d7c10a2bf011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
2KqoDArgYho=
age
7208
x-77-cache
HIT
x-cache
HIT
x-age
7473
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzWrcqPvMR0AAA==
x-accel-expires
@1627638184
last-modified
Fri, 07 Aug 2020 11:56:22 GMT
server
CDN77-Turbo
etag
W/"2190832616"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
_qualifio.min.css
fonts.qualifio.com/fontawesome/css/ Frame 417C 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.qualifio.com/fontawesome/css/_qualifio.min.css?v=20200502
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.89.119.165 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
5b8e09722ea3ae4b6b371a18443033e1808acc23e27a2bd035de52165e453831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 09:33:16 GMT
server
NCSA/1.4.2
age
20
etag
"277f-5c593d4496f00"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2401
x-xss-protection
1; mode=block
dateAgeCompare.js
www.nestlepromo.be/20/js/ Frame 417C 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/20/js/dateAgeCompare.js?v=9.13.3
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
fde07c4fc186e48869476370bcd4a43384ab806e9327b3ed9d2ab2a74d9323e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.nestlepromo.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Connection
keep-alive
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-hits
0
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jul 2021 19:08:21 GMT
server
NCSA/1.4.2
age
0
etag
W/"4870-1626376101000"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
915
x-xss-protection
1; mode=block
CC1AC516-5C79-4D5F-84E1-D5CE0430CAFB.min.css
assets.qualifio.com/nestle_belgium/css/ Frame 417C 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.qualifio.com/nestle_belgium/css/CC1AC516-5C79-4D5F-84E1-D5CE0430CAFB.min.css
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7f3c3911d549ab8f93cf40d4a557827efdbee75d87de67c0f185f24dcbf0e8ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
rIqca4DYpg0=
age
163838
x-77-cache
HIT
x-cache
HIT
x-age
521826
alt-svc
quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1ry949jLvYvYHAA==
x-accel-expires
@1627717831
last-modified
Fri, 27 Nov 2020 11:12:57 GMT
server
CDN77-Turbo
etag
W/"a59d3704c42dc34cf943edb7f3936724"
vary
Accept-Encoding
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable, stale-while-revalidate=86400
content-type
text/css
showhide.min.js
files.qualifio.com/static/common/js/banners/ Frame 417C 		268 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/static/common/js/banners/showhide.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f372045a176af5d908a98bd807cf35fbcb3165d71bac093d11bfd531bfc551fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
nqIbeQmIrnY=
age
9205
x-77-cache
HIT
x-cache
HIT
x-age
4000
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzUZos7voA8AAA==
x-accel-expires
@1627641657
last-modified
Tue, 14 Mar 2017 11:02:10 GMT
server
CDN77-Turbo
etag
W/"730067382"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
tldjs.js
player.qualifio.com/20/js/validate/ Frame 417C 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.qualifio.com/20/js/validate/tldjs.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/js/validate/jquery.validate.js?version=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
81fd20c2f288b1b3850e0c91e9cd5a87a61af0a4f2b1719cf0ce238d96e996bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-hits
240
date
Fri, 30 Jul 2021 08:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jul 2021 19:08:21 GMT
server
NCSA/1.4.2
age
108
etag
W/"94080-1626376101000"
vary
Accept-Encoding
content-type
application/javascript
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
36173
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ Frame 417C 		241 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WPH3HHC
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bb30213b2e8d2ab1a66d600b2c6a97271f73d2919a2dec974a14814e48107a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58625
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Jul 2021 08:47:37 GMT
qualp.2.min.js
player.qualifio.com/kit/ Frame 417C 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.qualifio.com/kit/qualp.2.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
0900a5648fb7559b1cb512379a9aa461f0a7150083f954f2ddb93d8f8eb28fb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 06:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6751
vary
Accept-Encoding
content-length
7662
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jul 2021 15:21:28 GMT
server
NCSA/1.4.2
etag
"60f98cf8-4693"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
elastic-apm-opentracing.umd.min.js
files.qualifio.com/kit/ Frame 417C 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a3ec91131cb1e9833446ac708e469d8e105b1eec205e393887f52a89cdd9c07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
x-77-nzt-ray
Vkw5xWFpW2Q=
age
188
x-77-cache
HIT
x-cache
HIT
x-age
7550
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection
1; mode=block
x-77-nzt
AcO1rzXfWw/vfh0AAA==
x-accel-expires
@1627638107
last-modified
Tue, 02 Feb 2021 09:59:38 GMT
server
CDN77-Turbo
etag
W/"2901951519"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
7578E8A3-0CE3-C84C-79AC6EFC31FE060B.png
assets.qualifio.com/library/nestle_belgium/fonds/2018/04/ Frame 417C 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.qualifio.com/library/nestle_belgium/fonds/2018/04/7578E8A3-0CE3-C84C-79AC6EFC31FE060B.png
Requested by
Host: assets.qualifio.com
URL: https://assets.qualifio.com/nestle_belgium/css/CC1AC516-5C79-4D5F-84E1-D5CE0430CAFB.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0f50656ee4ed2472ffc112714b7afc5c0f18366f9c10cb9d32a8200cff13856d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets.qualifio.com/nestle_belgium/css/CC1AC516-5C79-4D5F-84E1-D5CE0430CAFB.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 30 Jul 2021 08:47:37 GMT
x-content-type-options
nosniff
x-77-nzt-ray
DL3OAq8sZsQ=
age
0
x-cache
REVALIDATED
x-age
13946
alt-svc
quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
content-length
2142419
x-xss-protection
1; mode=block
x-77-nzt
AcO1ry94/zLOejYAAA==
x-accel-expires
@1627645657
last-modified
Fri, 13 Apr 2018 12:18:44 GMT
server
CDN77-Turbo
etag
"3622907189"
x-77-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/ Frame 417C 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d2cf84485c656f37b40eae362b5ac483b125832c3a209112c8e5de02d227fa61

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 19:02:10 GMT
server
AkamaiNetStorage
etag
"bdb03fb50d2f499c02c5dbe01f9acfd5:1626202930.875395"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
16250
expires
Sun, 01 Aug 2021 08:47:37 GMT
country.js
c.evidon.com/geo/ Frame 417C 		294 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
39699ef2ff7f4cfc54b00ba69dbc53473370396c94a44cb770e2e6fb09310168

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Sat, 14 Mar 2020 23:38:16 GMT
server
AkamaiNetStorage
etag
"5dbb6cae5cbc58bc9b615e88f73e0b65:1584229096.969986"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
200
snthemes.js
c.evidon.com/sitenotice/6367/ Frame 417C 		2 MB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/6367/snthemes.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
558b27337a490dab3d2408c15144cb40742742c2f4a9b1a93f30cb3498bf035d

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Thu, 22 Jul 2021 10:09:40 GMT
server
AkamaiNetStorage
etag
"9d34d34cf26783120626404c63da2883:1626948579.844018"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
67609
expires
Sun, 01 Aug 2021 08:47:37 GMT
settings.js
c.evidon.com/sitenotice/6367/nestlepromo/ Frame 417C 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/6367/nestlepromo/settings.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-2-NL.html?utm_source=newsletter&utm_medium=email&utm_campaign=BE-NLJuly2021MWN
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
319bb1d38842d378135dfa91c601e17a97140b891c7a96adec90245b1d55d46d

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 11:25:29 GMT
server
AkamaiNetStorage
etag
"c5079c3d051008165f4a6186135de1d6:1623410729.071115"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
927
expires
Sun, 01 Aug 2021 08:47:37 GMT
system-alert.nestle.uk.css
apps.nestle.co.uk/nestle/scripts/alert/ Frame 417C 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.nestle.co.uk/nestle/scripts/alert/system-alert.nestle.uk.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPH3HHC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4139aa3edfe9504bb271d331a0ff080a0bdf0fd330dd00c3066b31bff49bba41

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2020 15:45:10 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"047835dbc2d61:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0
accept-ranges
bytes
content-length
2081
expires
Fri, 30 Jul 2021 08:47:37 GMT
system-alert.nestle.uk.v2.js
apps.nestle.co.uk/nestle/scripts/alert/ Frame 417C 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.nestle.co.uk/nestle/scripts/alert/system-alert.nestle.uk.v2.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPH3HHC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
54251fc631a3d559b6900a19f849ab8bc68ba1de22e7d1d18a09b5c2a7139951

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 06:40:39 GMT
etag
"b770a9f1b913d61:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
3232
expires
Fri, 30 Jul 2021 08:47:37 GMT
store-participation
www.nestlepromo.be/ Frame 417C 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/store-participation?client_id
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
X-Part
-
Host
www.nestlepromo.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Cookie
_gcl_au=1.1.1539684526.1627634858
Connection
keep-alive
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Part
-

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
server
Varnish
accept-ranges
bytes
content-type
text/plain
content-length
0
x-varnish
1002470571
store-participation
www.nestlepromo.be/ Frame 417C 		36 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/store-participation?client_id
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Varnish /
Resource Hash
36e0dfceafa3137df0a264c61c2b2aa8c7f679ea51c2409de99e06b8c6552042

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
X-Part
7be92955-26f5-b3b4-7cf6-d9df4bac1465
Host
www.nestlepromo.be
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Cookie
_gcl_au=1.1.1539684526.1627634858
Connection
keep-alive
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Part
7be92955-26f5-b3b4-7cf6-d9df4bac1465

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
server
Varnish
accept-ranges
bytes
content-type
text/plain
etag
7be92955-26f5-b3b4-7cf6-d9df4bac1465
content-length
36
x-varnish
1002470572
events
www.nestlepromo.be/egw/ Frame 417C 		2 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nestlepromo.be/egw/events
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.86.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.nestlepromo.be
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
_gcl_au=1.1.1539684526.1627634858
Connection
keep-alive
Content-Length
569
Pragma
no-cache
Host
www.nestlepromo.be
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
x-content-type-options
nosniff
server
NCSA/1.4.2
age
0
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
2
x-xss-protection
1; mode=block
en.js
c.evidon.com/sitenotice/6367/translations/ Frame 417C 		2 MB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/6367/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
392fa7978940efaf8414b5ac74d7d30c47e03d4ae1ba97e6050686a97ab6da5a

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 15:20:07 GMT
server
AkamaiNetStorage
etag
"82d95aced5ca72280a130181a8bad06b:1625844006.935566"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
41495
expires
Sun, 01 Aug 2021 08:47:37 GMT
fr.js
c.evidon.com/sitenotice/6367/translations/ Frame 417C 		2 MB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/6367/translations/fr.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
19086b8b58d7847cf9ee5d99c01d353ad6350e36696e41a2075bb9a11f0c0886

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 14:14:19 GMT
server
AkamaiNetStorage
etag
"fde0a2e9d7f8f287451511656f3beac6:1627395258.617036"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
41599
expires
Sun, 01 Aug 2021 08:47:37 GMT
evidon-barrier.js
c.evidon.com/sitenotice/ Frame 417C 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 19:02:11 GMT
server
AkamaiNetStorage
etag
"282d0aad6323c983709c8ba8921e53b6:1626202931.756585"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3930
expires
Sun, 01 Aug 2021 08:47:37 GMT
2
l.evidon.com/site/v3/6367/57542/20/1/3/ Frame 417C 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/6367/57542/20/1/3/2?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.116.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-116-125.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:38 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
6367-20200629143943.png
c.evidon.com/logos/6367/ Frame 417C 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/logos/6367/6367-20200629143943.png
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4eb9a48428ff3a79c1b3b71bc9cec7e5f61dfdbc7164ae47ec066a34dfae94e7

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:37 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 14:39:46 GMT
server
AkamaiNetStorage
etag
"a8e09d1a3aa2953404dcd3b0fc007849:1593441586.075313"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
49821
55579
l.evidon.com/site/v3/6367/57542/20/5/3/2/ Frame 417C 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/6367/57542/20/5/3/2/55579?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.116.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-116-125.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:38 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
55579
l.evidon.com/site/v3/6367/57542/20/1/3/2/ Frame 417C 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/6367/57542/20/1/3/2/55579?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.116.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-116-125.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nestlepromo.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 08:47:38 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| _qual_init_rum object| _qual_async object| elasticApm

3 Cookies

Domain/Path Name / Value
.nestlepromo.be/ Name: _gcl_au
Value: 1.1.1539684526.1627634858
www.nestlepromo.be/ Name: nimalert
Value: privacy_alert|1|Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)
www.nestlepromo.be/quiz/463567_465 Name: _qual_restore_75EE418D-9051-2B50-1697-BD026D090A59
Value: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s201/v1.cfm?page=1&uk=QFOS7RVW1OG&noback=false&cfid=498fb95b-4c4c-41ca-b931-ef3e2d54f50d&cftoken=0&fbappiframe=false

2 Console Messages

Source Level URL
Text
console-api warning URL: https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js(Line 1)
Message:
[Elastic APM] RUM agent is inactive
console-api warning URL: https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js(Line 1)
Message:
[Elastic APM] RUM agent is inactive

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.nestle.co.uk
assets.qualifio.com
c.evidon.com
cdnjs.cloudflare.com
click.notification.nestle.be
files.qualifio.com
fonts.qualifio.com
l.evidon.com
player.qualifio.com
www.googletagmanager.com
www.nestlepromo.be
104.111.244.187
13.111.36.115
18.211.116.125
2606:4700::6810:135e
2a00:1450:4001:82b::2008
2a02:26f0:6c00::210:bab8
2a02:6ea0:c700::2
2a02:6ea0:c700::4
51.68.86.75
51.89.119.165
02f64c74ff5e979f732ec1dd218f431befb7967df00ff11dba6a070a5d961ada
0533681d4b9e52c993e0fe0c632925a016c0f7a017aba58eb63ede338d8ed3ab
0900a5648fb7559b1cb512379a9aa461f0a7150083f954f2ddb93d8f8eb28fb7
0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746
0f50656ee4ed2472ffc112714b7afc5c0f18366f9c10cb9d32a8200cff13856d
11578b6e7afc3a18b6c21a953875c3670b822fff5c7bfa7119ad30186d2c29cf
14046a13e740217d1a94b3dc71d7c9495fadf750e154bebc84d9c34d08f42bd2
19086b8b58d7847cf9ee5d99c01d353ad6350e36696e41a2075bb9a11f0c0886
1d00a43e3b1c901b663bad31799b39eb483cff9bf4e03bce932128d35ce14a9a
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2d908a3008edab40d94af4552478dfba24392deb6f93873d38ed07511b125251
319bb1d38842d378135dfa91c601e17a97140b891c7a96adec90245b1d55d46d
36e0dfceafa3137df0a264c61c2b2aa8c7f679ea51c2409de99e06b8c6552042
392fa7978940efaf8414b5ac74d7d30c47e03d4ae1ba97e6050686a97ab6da5a
39699ef2ff7f4cfc54b00ba69dbc53473370396c94a44cb770e2e6fb09310168
3bb30213b2e8d2ab1a66d600b2c6a97271f73d2919a2dec974a14814e48107a1
4139aa3edfe9504bb271d331a0ff080a0bdf0fd330dd00c3066b31bff49bba41
48fbe1f57977d227e7e2ee53ba84e2c0e9f93a87d19a2db35df8d7c10a2bf011
4eb9a48428ff3a79c1b3b71bc9cec7e5f61dfdbc7164ae47ec066a34dfae94e7
54251fc631a3d559b6900a19f849ab8bc68ba1de22e7d1d18a09b5c2a7139951
5474ee8921895995993d2e2360f6fb9ade26aab74d749c68823e23b6ae562808
558b27337a490dab3d2408c15144cb40742742c2f4a9b1a93f30cb3498bf035d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b8e09722ea3ae4b6b371a18443033e1808acc23e27a2bd035de52165e453831
7f3c3911d549ab8f93cf40d4a557827efdbee75d87de67c0f185f24dcbf0e8ed
81fd20c2f288b1b3850e0c91e9cd5a87a61af0a4f2b1719cf0ce238d96e996bd
9825531d5b00159fcd4e0042f3b5f4fc2eb147cb9974bb54fb20a0d68a763c65
a255ed8e632faf73c976af6431618ccdcc95dcaed225b0ac8c542922106642dc
a3ec91131cb1e9833446ac708e469d8e105b1eec205e393887f52a89cdd9c07d
a5421846ea8b19550ff03785d18e15f700fb56b82d79379856056ae59fc28478
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
bd456ba86769041e7f82800178460c1da5846e1ab27cdaeac7b678311d48fe69
d2cf84485c656f37b40eae362b5ac483b125832c3a209112c8e5de02d227fa61
e34c0cc1e6cfafa9dd2cf20f1c77d0ffaf293aeb9745cc7d53670e0100f8381d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f372045a176af5d908a98bd807cf35fbcb3165d71bac093d11bfd531bfc551fe
f5682309af2488d0f8bd28817ca161123116117074743284ace0469b7c5608f7
fba8a618ef77fbc5cebc12ca68497499f595c802a29a24863fc9fcc1f56592a6
fde07c4fc186e48869476370bcd4a43384ab806e9327b3ed9d2ab2a74d9323e4