www.nestlepromo.be Open in urlscan Pro
178.33.19.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=B54B9F0Yx3_0uCkU8bSNZ4v2Lm0V7uloxttmv+h277hL4+2RsJkLiqy9vq4GzCArcI7...
Effective URL:
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Submission: On October 16 via api (October 16th 2019, 2:43:19 pm UTC) from BE

Summary HTTP 49 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 49 HTTP transactions. The main IP is 178.33.19.116, located in France and belongs to OVH, FR. The main domain is www.nestlepromo.be.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 12th 2019. Valid for: 3 months.

This is the only time www.nestlepromo.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.213.114.167 194.213.114.167	34762 (COMBELL-AS) (COMBELL-AS)
2 17	178.33.19.116 178.33.19.116	16276 (OVH) (OVH)
19	51.89.119.165 51.89.119.165	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
7	23.0.46.190 23.0.46.190	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	52.72.182.57 52.72.182.57	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
49	9

1 194.213.114.167 (Belgium) 1 redirects

ASN34762 (COMBELL-AS, BE)
PTR: webapp167.emsecure.net

touch-agency.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 178.33.19.116 (France) 2 redirects

ASN16276 (OVH, FR)

www.nestlepromo.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.qualifio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 51.89.119.165 (Germany)

ASN16276 (OVH, FR)

files.qualifio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.0.46.190 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-0-46-190.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.72.182.57 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-182-57.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	qualifio.com 1 redirects files.qualifio.com player.qualifio.com	3 MB
14	nestlepromo.be 1 redirects www.nestlepromo.be	87 KB
7	evidon.com c.evidon.com	94 KB
3	betrad.com l.betrad.com	360 B
1	gstatic.com fonts.gstatic.com	9 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	cloudflare.com cdnjs.cloudflare.com	22 KB
1	emsecure.net 1 redirects touch-agency.emsecure.net	194 B
49	10

	Domain	Requested by
19	files.qualifio.com	www.nestlepromo.be
14	www.nestlepromo.be	1 redirects files.qualifio.com www.nestlepromo.be
7	c.evidon.com	www.nestlepromo.be c.evidon.com
3	l.betrad.com	www.nestlepromo.be
3	player.qualifio.com	1 redirects www.nestlepromo.be
1	fonts.gstatic.com	www.nestlepromo.be
1	www.googletagmanager.com	www.nestlepromo.be
1	fonts.googleapis.com	www.nestlepromo.be
1	maxcdn.bootstrapcdn.com	www.nestlepromo.be
1	cdnjs.cloudflare.com	www.nestlepromo.be
1	touch-agency.emsecure.net	1 redirects
49	11

This site contains links to these domains. Also see Links.

Domain
touch-agency.emsecure.net

Subject Issuer	Validity	Valid
www.nestlepromo.be Let's Encrypt Authority X3	`2019-09-12` - `2019-12-11`	3 months	crt.sh
files.qualifio.com Let's Encrypt Authority X3	`2019-10-04` - `2020-01-02`	3 months	crt.sh
player.qualifio.com Let's Encrypt Authority X3	`2019-10-06` - `2020-01-04`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.evidon.com DigiCert ECC Secure Server CA	`2019-02-01` - `2020-05-02`	a year	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-06-24`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Frame ID: 8B2DFCECB5C1A6477E94F7F6CF3303A8
Requests: 8 HTTP requests in this frame

Frame: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Frame ID: D8BFC0DB0E7A339C72E6070184981426
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=B54B9F0Yx3_0uCkU8bSNZ4v2Lm0V7uloxttmv+h277hL4+2... HTTP 302
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html Page URL

Page Statistics

49
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

11
Subdomains

9
IPs

5
Countries

3717 kB
Transfer

8913 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://touch-agency.emsecure.net/optiext/optiextension.dll?id=jbyW7nBYzSnwZVmUr5qzc4Twp4S4DlWDDPBZby8o0v6d5p7ozA55NzGqc0BuGTF41PjSylgDqBA1Ajac7t5WVVGYGG
Title: Klik dan hier

Search URL Search Domain Scan URL

URL: http://touch-agency.emsecure.net/optiext/optiextension.dll?id=jby91XwBG_YkPBsJ9IAYQm8j_wX9Fh9eMGXdLGr0VvkO757L1fxGf%2Bl6HEOnQ_ORtL8OE_Tn4MnP0jMajjkf9so_uF
Title: contacteer ons

Search URL Search Domain Scan URL

URL: http://touch-agency.emsecure.net/optiext/optiextension.dll?id=jbyWUMgc6bVJnLwIRcF54lQmTLp6E8PfSKu%2BEtOh6v_nfwULnNySVZpKdYyKNwyDDlP7asLB2eUMpYuT_fMFhBTxIW
Title: Privacyverklaring

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=B54B9F0Yx3_0uCkU8bSNZ4v2Lm0V7uloxttmv+h277hL4+2RsJkLiqy9vq4GzCArcI7xRw9nt0mUw70nwXe6egiXeoQBF HTTP 302
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/v1.cfm?id=75EE418D-9051-2B50-1697-BD026D090A59&pdomain=https://www.nestlepromo.be HTTP 302
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false

Request Chain 31

https://player.qualifio.com/kit/qualp.2.min.js HTTP 301
https://files.qualifio.com/kit/qualp.2.min.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Smiley-1-NL.html Show response
www.nestlepromo.be/quiz/463567_465/
Redirect Chain

http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=B54B9F0Yx3_0uCkU8bSNZ4v2Lm0V7uloxttmv+h277hL4+2RsJkLiqy9vq4GzCArcI7xRw9nt0mUw70nwXe6egiXeoQBF
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

7 KB
3 KB

1409ms
1182ms

Document
text/html

178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.33.19.116 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

f84a4276c72b71bb2fd2bdb7e72153840594c2bdc6d513676792d5f3a9462c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.nestlepromo.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Varnish-BE: production_varnish_04
Vary: Accept-Encoding
X-Varnish-Hits: 0
Server: NCSA/1.4.2
Cache-Control: public, max-age=1
Date: Wed, 16 Oct 2019 14:42:55 GMT
Accept-Ranges: bytes
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Date: Wed, 16 Oct 2019 14:42:53 GMT
Content-Length: 182

GET
H2 200 default.css
files.qualifio.com/static/common/minisite/ 4 KB
1 KB 184ms
94ms Stylesheet
text/css 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/minisite/default.css?v=20190715153943

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

53709c84feb7b82b1c106ee9b461b109c4fe37a6210a984d6b2d44ed1de49fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Feb 2019 04:05:01 GMT
server: NCSA/1.4.2
age: 0
status: 200
etag: "3174871172"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 1156
x-xss-protection: 1; mode=block

GET
H2 200 style.css
files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/minisite/ 2 KB
860 B 303ms
214ms Stylesheet
text/css 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/minisite/style.css?v=20190715153943

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

fffcdb1790d8e87b0830f0baee115983cdc60a95324ace2ead9d8de8b0527213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Jul 2019 13:39:45 GMT
server: NCSA/1.4.2
age: 0
status: 200
etag: "3331631393"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 579
x-xss-protection: 1; mode=block

GET
H2 200 7496A106-A0DD-CAA0-C428BBCE43331838.gif
files.qualifio.com/library/nestle_belgium/pubs/2018/04/ 1 MB
1 MB 97ms
8ms Image
image/gif 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.qualifio.com/library/nestle_belgium/pubs/2018/04/7496A106-A0DD-CAA0-C428BBCE43331838.gif

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

02f64c74ff5e979f732ec1dd218f431befb7967df00ff11dba6a070a5d961ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:02:30 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Apr 2018 11:53:52 GMT
server: NCSA/1.4.2
age: 9624
etag: "2158945318"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 1196175
x-xss-protection: 1; mode=block

GET
H2 200 default.css
files.qualifio.com/static/common/minisite/ 0
1 KB 182ms
94ms Other
text/css 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/minisite/default.css?v=20190715153943

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Feb 2019 04:05:01 GMT
server: NCSA/1.4.2
age: 0
status: 200
etag: "3174871172"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 1156
x-xss-protection: 1; mode=block

GET
H2 200 style.css
files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/minisite/ 0
860 B 117ms
117ms Other
text/css 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/minisite/style.css?v=20190715153943

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Jul 2019 13:39:45 GMT
server: NCSA/1.4.2
age: 0
status: 200
etag: "3331631393"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 579
x-xss-protection: 1; mode=block

GET
H2 200 elastic-apm-opentracing.umd.min.js Show response
files.qualifio.com/kit/ 59 KB
19 KB 8ms
8ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

ccb23e1a2db26ee07f297182c83b83eaedc5a5cc92de9dd9a15990ed2dce5877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Sep 2019 13:02:09 GMT
server: NCSA/1.4.2
age: 9865
status: 200
etag: "3199105115"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 18652
x-xss-protection: 1; mode=block

GET
H2 200 qualp.2.min.js Show response
files.qualifio.com/kit/ 14 KB
6 KB 9ms
9ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/kit/qualp.2.min.js

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

1b6fd7c4b5b7e82c2c6513aec2097e3c68341a2ae73b3b11a6a0b55b8a32bf15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2019 10:20:09 GMT
server: NCSA/1.4.2
age: 10207
status: 200
etag: "1350629889"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 6309
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

v1.cfm Show response
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/ Frame D8BF
Redirect Chain

https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/v1.cfm?id=75EE418D-9051-2B50-1697-BD026D090A59&pdomain=https://www.nestlepromo.be
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false

25 KB
7 KB

1115ms
1115ms

Document
text/html

178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Requested by: Host: files.qualifio.com
URL: https://files.qualifio.com/kit/qualp.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: 2281de733d9dcbec745759da0b8db494ee4a0f179f9db6ee7271f43523d7d5ab

Request headers

Host: www.nestlepromo.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Response headers

Pragma: no-cache
X-Qual-uk: QCMDXOTYQ4U
X-Qual-cfid: 6e385900-71ed-40f4-828b-e2c88bd546db
X-Qual-cftoken: 0
X-Qual-timetocache: 0
X-Qual-directform: false
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
X-Varnish-BE: playerlin77s
Vary: Accept-Encoding
X-Varnish-Hits: 0
Server: NCSA/1.4.2
Cache-Control: no-cache
Date: Wed, 16 Oct 2019 14:42:57 GMT
Accept-Ranges: bytes
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Pragma: no-cache
Content-Type: text/html;charset=utf-8
X-Varnish-BE: playerlin77
location: /20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish-Hits: 0
Server: NCSA/1.4.2
Cache-Control: no-cache
Date: Wed, 16 Oct 2019 14:42:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 es5-shim.min.js Show response
files.qualifio.com/static/common/js/shim/ Frame D8BF 17 KB
6 KB 8ms
5ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/shim/es5-shim.min.js?v=1

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

c4242001d22f6a186deb334a84335af0717f5c1f7e2793f123a8a415c99911aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2015 15:57:24 GMT
server: NCSA/1.4.2
age: 10198
status: 200
etag: "2619437583"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 6224
x-xss-protection: 1; mode=block

GET
H2 200 es5-sham.min.js Show response
files.qualifio.com/static/common/js/shim/ Frame D8BF 6 KB
2 KB 15ms
11ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/shim/es5-sham.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

92bb04a652129679f5d8e5f40492ceeeb701c74cd09a45c6b16e1b1da5e23e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2015 15:57:23 GMT
server: NCSA/1.4.2
age: 10198
status: 200
etag: "1967313635"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 1845
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
files.qualifio.com/static/common/js/jquery/1.11.3/ Frame D8BF 94 KB
33 KB 11ms
7ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Aug 2015 09:43:18 GMT
server: NCSA/1.4.2
age: 10198
status: 200
etag: "2174644405"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 33342
x-xss-protection: 1; mode=block

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
files.qualifio.com/static/common/js/jquery/ Frame D8BF 7 KB
3 KB 21ms
17ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/jquery/jquery-migrate-1.2.1.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Aug 2015 09:53:36 GMT
server: NCSA/1.4.2
age: 10198
status: 200
etag: "1459424739"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 3063
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui.min.css
files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/ Frame D8BF 29 KB
8 KB 21ms
18ms Stylesheet
text/css 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/jquery-ui.min.css?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

83f17340d547d5ebd86043684344da927f263a43d01ec2730814de17e87a08f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Aug 2015 13:27:36 GMT
server: NCSA/1.4.2
age: 10198
status: 200
etag: "1012864060"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 7538
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui.min.js Show response
files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/ Frame D8BF 235 KB
63 KB 21ms
18ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/jquery-ui.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

e34c0cc1e6cfafa9dd2cf20f1c77d0ffaf293aeb9745cc7d53670e0100f8381d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Aug 2015 13:27:37 GMT
server: NCSA/1.4.2
age: 10198
status: 200
etag: "1138659313"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 63865
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK jquery-ui.min.css
player.qualifio.com/20/js/autocomplete/ Frame D8BF 15 KB
5 KB 78ms
18ms Stylesheet
text/css 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://player.qualifio.com/20/js/autocomplete/jquery-ui.min.css
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: ba71a3b0b07fc07c89c93b8f8c303f7f6f9209fb80cecfbc22b9e83afc1d8acd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 271
Date: Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 13:05:31 GMT
Server: NCSA/1.4.2
ETag: W/"15809-1571144731000"
Vary: Accept-Encoding
X-Varnish-BE: playerlin16
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 5028

GET
H2 200 jquery.fancybox.min.js Show response
files.qualifio.com/static/common/js/fancybox/source/ Frame D8BF 22 KB
7 KB 20ms
18ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/fancybox/source/jquery.fancybox.min.js?v=1?v=2.0.6

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

9825531d5b00159fcd4e0042f3b5f4fc2eb147cb9974bb54fb20a0d68a763c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Aug 2015 11:19:55 GMT
server: NCSA/1.4.2
age: 10198
status: 200
etag: "285586998"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 7177
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fancybox.css
files.qualifio.com/static/common/js/fancybox/source/ Frame D8BF 4 KB
1 KB 19ms
17ms Stylesheet
text/css 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/fancybox/source/jquery.fancybox.css?v=1?v=2.0.6

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

38ff61155ed0c4e21095a6ea52dfcb3a55dd289a2a2dd569d062156e9c53cbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Feb 2019 08:30:44 GMT
server: NCSA/1.4.2
age: 10198
status: 200
etag: "373201918"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 1177
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK jquery.validate.js Show response
www.nestlepromo.be/20/js/validate/ Frame D8BF 46 KB
13 KB 21ms
19ms Script
application/javascript 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/js/validate/jquery.validate.js?version=4
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: fba8a618ef77fbc5cebc12ca68497499f595c802a29a24863fc9fcc1f56592a6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 2
Date: Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 13:05:31 GMT
Server: NCSA/1.4.2
ETag: W/"47393-1571144731000"
Vary: Accept-Encoding
X-Varnish-BE: playerlin75
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 12817

GET
H/1.1 200
OK additional-methods.js Show response
www.nestlepromo.be/20/js/validate/ Frame D8BF 38 KB
11 KB 55ms
19ms Script
application/javascript 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/js/validate/additional-methods.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: 34eaf08c756cd248519acb73fb69f36c36cbb9aef23ab74ed301c2b8a3c7d793

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 2
Date: Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 13:05:31 GMT
Server: NCSA/1.4.2
ETag: W/"39117-1571144731000"
Vary: Accept-Encoding
X-Varnish-BE: playerlin75
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 10502

GET
H/1.1 200
OK validateDate.js Show response
www.nestlepromo.be/20/js/validate/ Frame D8BF 217 KB
38 KB 72ms
36ms Script
application/javascript 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/js/validate/validateDate.js?version=2
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: 8e39d1dd0023af9edb31ab357803e26be68751ea3a253128e73661560809d886

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 2
Date: Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 13:05:31 GMT
Server: NCSA/1.4.2
ETag: W/"222261-1571144731000"
Vary: Accept-Encoding
X-Varnish-BE: playerlin78
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 38485

GET
H2 200 jquery.inputmask.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/ Frame D8BF 74 KB
22 KB 29ms
27ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/jquery.inputmask.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d00a43e3b1c901b663bad31799b39eb483cff9bf4e03bce932128d35ce14a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:42:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15870801
status: 200
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:59 GMT
server: cloudflare
etag: W/"5afd497b-128e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 526acd64fc1e59e2-VIE
expires: Mon, 05 Oct 2020 14:42:57 GMT

GET
H/1.1 200
OK player.css.cfm
www.nestlepromo.be/20/ws/css/ Frame D8BF 42 KB
13 KB 5494ms
5474ms Stylesheet
text/css 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/ws/css/player.css.cfm?questionset=true&justification=true&v=3015
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: 4130f17dfa410bcaf8affc83a95020691735bf0f8263f96db9e2067e5fc1574c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 0
Date: Wed, 16 Oct 2019 14:43:02 GMT
Content-Encoding: gzip
Server: NCSA/1.4.2
Vary: Accept-Encoding
X-Varnish-BE: playerlin78
Cache-Control: maxage=31536000, public, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css;charset=UTF-8

GET
H/1.1 200
OK dateAgeCompare.js Show response
www.nestlepromo.be/20/js/ Frame D8BF 5 KB
1 KB 54ms
18ms Script
application/javascript 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/js/dateAgeCompare.js?v=7.28.7
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: fde07c4fc186e48869476370bcd4a43384ab806e9327b3ed9d2ab2a74d9323e4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 2
Date: Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 13:05:31 GMT
Server: NCSA/1.4.2
ETag: W/"4870-1571144731000"
Vary: Accept-Encoding
X-Varnish-BE: playerlin74
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 915

GET
H2 200 style.css
files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/ Frame D8BF 36 KB
7 KB 352ms
351ms Stylesheet
text/css 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/style.css?v=190715154009

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

2b03e23d5274520ffb293644a8991f4a2ab46eda06e7c663d608910f102cf059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Apr 2018 14:43:10 GMT
server: NCSA/1.4.2
age: 0
status: 200
etag: "3376785926"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 6917
x-xss-protection: 1; mode=block

GET
H2 200 showhide.min.js Show response
files.qualifio.com/static/common/js/banners/ Frame D8BF 268 B
457 B 19ms
18ms Script
application/javascript 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/banners/showhide.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

f372045a176af5d908a98bd807cf35fbcb3165d71bac093d11bfd531bfc551fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 12:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Mar 2017 11:02:10 GMT
server: NCSA/1.4.2
age: 9011
status: 200
etag: "149969135"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 175
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK tldjs.js Show response
player.qualifio.com/20/js/validate/ Frame D8BF 92 KB
36 KB 37ms
37ms Script
application/javascript 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://player.qualifio.com/20/js/validate/tldjs.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/js/validate/jquery.validate.js?version=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: 81fd20c2f288b1b3850e0c91e9cd5a87a61af0a4f2b1719cf0ce238d96e996bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 615
Date: Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 13:05:31 GMT
Server: NCSA/1.4.2
ETag: W/"94080-1571144731000"
Vary: Accept-Encoding
X-Varnish-BE: playerlin26
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 36173

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame D8BF 30 KB
7 KB 33ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:02 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 css
fonts.googleapis.com/ Frame D8BF 24 KB
1 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800italic,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 16 Oct 2019 14:43:02 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 16 Oct 2019 14:43:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 16 Oct 2019 14:43:02 GMT

POST
H/1.1 200
OK browserinfo.cfc Show response
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1/cfc/ Frame D8BF 238 B
539 B 31ms
30ms XHR
text/plain 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1/cfc/browserinfo.cfc?method=save&CFID=6e385900-71ed-40f4-828b-e2c88bd546db&CFTOKEN=0
Requested by: Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: c646dec70f85cc3911a0dcd13377b189c8f7f87d2f8b0dc4cfffb5f3727feaa5

Request headers

Accept: */*
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Varnish-Hits: 0
Date: Wed, 16 Oct 2019 14:43:03 GMT
Content-Encoding: gzip
Server: NCSA/1.4.2
Return-Format: plain
Vary: Accept-Encoding
X-Varnish-BE: playerlin77s
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/plain;charset=UTF-8

GET
H2 200 7578E8A3-0CE3-C84C-79AC6EFC31FE060B.png
files.qualifio.com/library/nestle_belgium/fonds/2018/04/ Frame D8BF 2 MB
2 MB 295ms
272ms Image
image/png 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.qualifio.com/library/nestle_belgium/fonds/2018/04/7578E8A3-0CE3-C84C-79AC6EFC31FE060B.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

0f50656ee4ed2472ffc112714b7afc5c0f18366f9c10cb9d32a8200cff13856d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/style.css?v=190715154009
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Apr 2018 12:18:44 GMT
server: NCSA/1.4.2
age: 0
etag: "3872388427"
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 2142419
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame D8BF 99 KB
27 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPH3HHC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e917e1c97641af41825c583d8dcb2efbdfd0290b760fc9a6b8d66de28e1ab44

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: br
last-modified: Wed, 16 Oct 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27245
x-xss-protection: 0
expires: Wed, 16 Oct 2019 14:43:03 GMT

GET
H2

200

qualp.2.min.js Show response
files.qualifio.com/kit/ Frame D8BF
Redirect Chain

https://player.qualifio.com/kit/qualp.2.min.js
https://files.qualifio.com/kit/qualp.2.min.js

14 KB
6 KB

8ms
7ms

Script
application/javascript

51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/kit/qualp.2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

1b6fd7c4b5b7e82c2c6513aec2097e3c68341a2ae73b3b11a6a0b55b8a32bf15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2019 10:20:09 GMT
server: NCSA/1.4.2
age: 10215
status: 200
etag: "1350629889"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 6309
x-xss-protection: 1; mode=block

Redirect headers

location: https://files.qualifio.com/kit/qualp.2.min.js
Date: Wed, 16 Oct 2019 14:43:03 GMT
Server: Varnish
Connection: keep-alive
Content-Length: 0
X-Varnish: 348442856

GET
H/1.1 200
OK keepAlive.cfm Show response
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/ Frame D8BF 3 B
326 B 46ms
28ms XHR
text/html 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/keepAlive.cfm?uk=QCMDXOTYQ4U&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0
Requested by: Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Request headers

Accept: */*
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Varnish-Hits: 0
Date: Wed, 16 Oct 2019 14:43:03 GMT
Content-Encoding: gzip
Server: NCSA/1.4.2
Vary: Accept-Encoding
X-Varnish-BE: playerlin77s
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html;charset=utf-8

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ Frame D8BF 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800italic,800
Origin: https://www.nestlepromo.be
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 09:41:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 536512
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Fri, 09 Oct 2020 09:41:11 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ Frame D8BF 44 KB
12 KB 29ms
9ms Script
application/x-javascript 23.0.46.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 311f7c035bd8e2e36fdef1962231c004e48199087b73427a87499997210bfe16

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 11996
last-modified: Tue, 15 Oct 2019 20:41:09 GMT
server: AkamaiNetStorage
etag: "b42c671932dcdded523f9b56fb2dc206:1571172069"
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 17 Oct 2019 14:43:03 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ Frame D8BF 260 B
512 B 26ms
7ms Script
application/x-javascript 23.0.46.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:03 GMT
last-modified: Wed, 30 May 2018 22:23:16 GMT
server: AkamaiNetStorage
status: 200
etag: "c1e367d098d326049811561575dbda4a:1527718996"
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
accept-ranges: bytes
access-control-allow-headers: *
content-length: 260

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/2020/ Frame D8BF 922 KB
22 KB 34ms
16ms Script
application/x-javascript 23.0.46.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2020/snthemes.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 82df124d011a77d594c7ec23e20a86efaf0cb686dcd6f319d90e30a077f9ff7e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 22024
last-modified: Tue, 15 Oct 2019 06:04:31 GMT
server: AkamaiNetStorage
etag: "22bdaf34cfe3ef306399f4bba9c91a96:1571119471"
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 17 Oct 2019 14:43:03 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/2020/nestlepromo/ Frame D8BF 3 KB
1 KB 27ms
9ms Script
application/x-javascript 23.0.46.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2020/nestlepromo/settings.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ed4c7b2177fbf30c74a13d471f8e9b5d87375d763da25957dd626824f06bec5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 1039
last-modified: Thu, 16 May 2019 10:23:43 GMT
server: AkamaiNetStorage
etag: "36c03c8783957d5a6395468abc067b12:1558002223"
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 17 Oct 2019 14:43:03 GMT

GET
H/1.1 200
OK store-participation Show response
www.nestlepromo.be/ Frame D8BF 0
186 B 18ms
18ms XHR
text/plain 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/store-participation?client_id
Requested by: Host: files.qualifio.com
URL: https://files.qualifio.com/kit/qualp.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Part: -
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 14:43:03 GMT
Server: Varnish
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 0
X-Varnish: 355741136

GET
H/1.1 200
OK store-participation Show response
www.nestlepromo.be/ Frame D8BF 36 B
267 B 18ms
18ms XHR
text/plain 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/store-participation?client_id
Requested by: Host: files.qualifio.com
URL: https://files.qualifio.com/kit/qualp.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Varnish /
Resource Hash: f1edf6f8ccb32257259afe1358e40af3977850e2ec356d2cb0ea00aae76b7e33

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Part: 6afb22ec-0a30-e798-9a25-a3a2c280af3e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 14:43:03 GMT
Server: Varnish
ETag: 6afb22ec-0a30-e798-9a25-a3a2c280af3e
X-Varnish: 355741137
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 36

POST
H/1.1 201
Created events Show response
www.nestlepromo.be/egw/ Frame D8BF 2 B
657 B 139ms
139ms XHR
text/plain 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/egw/events

Requested by

Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.33.19.116 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 22
X-XSS-Protection: 1; mode=block
Server: NCSA/1.4.2
Date: Wed, 16 Oct 2019 14:43:03 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Varnish-BE: production_varnish_02
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Varnish-Hits: 0
Content-Type: text/plain
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/2020/translations/ Frame D8BF 2 MB
27 KB 20ms
19ms Script
application/x-javascript 23.0.46.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2020/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9a7e47c31f71938f55ef8c3273b4bf579cf718c4adce006bd597ad01b226ad35

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 27543
last-modified: Tue, 08 Oct 2019 17:32:11 GMT
server: AkamaiNetStorage
etag: "df78292307d8cfddfea77e721a532aa5:1570555931"
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 17 Oct 2019 14:43:03 GMT

GET
H2 200 fr.js Show response
c.evidon.com/sitenotice/2020/translations/ Frame D8BF 2 MB
27 KB 19ms
19ms Script
application/x-javascript 23.0.46.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2020/translations/fr.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aaff4ce215d03420a2f8ef949b940c2cfad9c56a73d9726e04317d22b7184f37

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 27645
last-modified: Tue, 01 Oct 2019 20:52:46 GMT
server: AkamaiNetStorage
etag: "ccede7d4ed28ba58ac65a2831e7c6b4e:1569963166"
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 17 Oct 2019 14:43:03 GMT

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ Frame D8BF 10 KB
3 KB 6ms
6ms Script
application/x-javascript 23.0.46.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-190.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 06d56458db165cd0ede7a6c23b441e81d0269feac7f8793d582253cc63e9db38

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 2958
last-modified: Tue, 15 Oct 2019 20:41:10 GMT
server: Apache
etag: "119ff1c01eb744dc72c66e4d7f49b38b:1571172072"
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 17 Oct 2019 14:43:03 GMT

GET
H2 204 2
l.betrad.com/site/v3/2020/15950/20/1/2/ Frame D8BF 0
120 B 271ms
91ms Image
text/plain 52.72.182.57
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/2020/15950/20/1/2/2?consent=0
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.182.57 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-182-57.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 51680
l.betrad.com/site/v3/2020/15950/20/1/2/2/ Frame D8BF 0
120 B 92ms
92ms Image
text/plain 52.72.182.57
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/2020/15950/20/1/2/2/51680?consent=0
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.182.57 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-182-57.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 51680
l.betrad.com/site/v3/2020/15950/20/4/2/2/ Frame D8BF 0
120 B 114ms
114ms Image
text/plain 52.72.182.57
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/2020/15950/20/4/2/2/51680?consent=0
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.182.57 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-182-57.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Wed, 16 Oct 2019 14:43:03 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H/1.1 200
OK _ajax_get_querystring.cfm Show response
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1/ Frame D8BF 0
227 B 30ms
29ms XHR
text/html 178.33.19.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1/_ajax_get_querystring.cfm?uk=QCMDXOTYQ4U&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&ref=https%3A%2F%2Fwww.nestlepromo.be%2Fquiz%2F463567_465%2FSmiley-1-NL.html
Requested by: Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: NCSA/1.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Varnish-Hits: 0
Date: Wed, 16 Oct 2019 14:43:03 GMT
Server: NCSA/1.4.2
X-Varnish-BE: playerlin77s
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html;charset=utf-8
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.nestlepromo.be/quiz/463567_465	1970-01-19 04:27:18	Name: _qual_restore_75EE418D-9051-2B50-1697-BD026D090A59 Value: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js(Line 2) Message: RUM agent is inactive

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.evidon.com
cdnjs.cloudflare.com
files.qualifio.com
fonts.googleapis.com
fonts.gstatic.com
l.betrad.com
maxcdn.bootstrapcdn.com
player.qualifio.com
touch-agency.emsecure.net
www.googletagmanager.com
www.nestlepromo.be
178.33.19.116
194.213.114.167
2001:4de0:ac19::1:b:3a
23.0.46.190
2606:4700::6813:c497
2a00:1450:4001:806::2003
2a00:1450:4001:814::2008
2a00:1450:4001:81f::200a
51.89.119.165
52.72.182.57
02f64c74ff5e979f732ec1dd218f431befb7967df00ff11dba6a070a5d961ada
06d56458db165cd0ede7a6c23b441e81d0269feac7f8793d582253cc63e9db38
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
0f50656ee4ed2472ffc112714b7afc5c0f18366f9c10cb9d32a8200cff13856d
1b6fd7c4b5b7e82c2c6513aec2097e3c68341a2ae73b3b11a6a0b55b8a32bf15
1d00a43e3b1c901b663bad31799b39eb483cff9bf4e03bce932128d35ce14a9a
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2281de733d9dcbec745759da0b8db494ee4a0f179f9db6ee7271f43523d7d5ab
2b03e23d5274520ffb293644a8991f4a2ab46eda06e7c663d608910f102cf059
311f7c035bd8e2e36fdef1962231c004e48199087b73427a87499997210bfe16
34eaf08c756cd248519acb73fb69f36c36cbb9aef23ab74ed301c2b8a3c7d793
38ff61155ed0c4e21095a6ea52dfcb3a55dd289a2a2dd569d062156e9c53cbd4
4130f17dfa410bcaf8affc83a95020691735bf0f8263f96db9e2067e5fc1574c
4ed4c7b2177fbf30c74a13d471f8e9b5d87375d763da25957dd626824f06bec5
53709c84feb7b82b1c106ee9b461b109c4fe37a6210a984d6b2d44ed1de49fa1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e917e1c97641af41825c583d8dcb2efbdfd0290b760fc9a6b8d66de28e1ab44
81fd20c2f288b1b3850e0c91e9cd5a87a61af0a4f2b1719cf0ce238d96e996bd
82df124d011a77d594c7ec23e20a86efaf0cb686dcd6f319d90e30a077f9ff7e
83f17340d547d5ebd86043684344da927f263a43d01ec2730814de17e87a08f8
8e39d1dd0023af9edb31ab357803e26be68751ea3a253128e73661560809d886
92bb04a652129679f5d8e5f40492ceeeb701c74cd09a45c6b16e1b1da5e23e0c
9825531d5b00159fcd4e0042f3b5f4fc2eb147cb9974bb54fb20a0d68a763c65
9a7e47c31f71938f55ef8c3273b4bf579cf718c4adce006bd597ad01b226ad35
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
aaff4ce215d03420a2f8ef949b940c2cfad9c56a73d9726e04317d22b7184f37
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
ba71a3b0b07fc07c89c93b8f8c303f7f6f9209fb80cecfbc22b9e83afc1d8acd
c4242001d22f6a186deb334a84335af0717f5c1f7e2793f123a8a415c99911aa
c646dec70f85cc3911a0dcd13377b189c8f7f87d2f8b0dc4cfffb5f3727feaa5
ccb23e1a2db26ee07f297182c83b83eaedc5a5cc92de9dd9a15990ed2dce5877
dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22
e34c0cc1e6cfafa9dd2cf20f1c77d0ffaf293aeb9745cc7d53670e0100f8381d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1edf6f8ccb32257259afe1358e40af3977850e2ec356d2cb0ea00aae76b7e33
f372045a176af5d908a98bd807cf35fbcb3165d71bac093d11bfd531bfc551fe
f84a4276c72b71bb2fd2bdb7e72153840594c2bdc6d513676792d5f3a9462c9f
f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473
fba8a618ef77fbc5cebc12ca68497499f595c802a29a24863fc9fcc1f56592a6
fde07c4fc186e48869476370bcd4a43384ab806e9327b3ed9d2ab2a74d9323e4
fffcdb1790d8e87b0830f0baee115983cdc60a95324ace2ead9d8de8b0527213

www.nestlepromo.be Open in urlscan Pro 178.33.19.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

49 Requests

100 %HTTPS

50 %IPv6

10 Domains

11 Subdomains

9 IPs

5 Countries

3717 kBTransfer

8913 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nestlepromo.be Open in urlscan Pro
178.33.19.116 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

11
Subdomains

9
IPs

5
Countries

3717 kB
Transfer

8913 kB
Size

1
Cookies

49 HTTP transactions
0 data transactions