Submitted URL: http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=B54B9F0Yx3_0uCkU8bSNZ4v2Lm0V7uloxttmv+h277hL4+2RsJkLiqy9vq4GzCArcI7...
Effective URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Submission: On October 16 via api from BE

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 49 HTTP transactions. The main IP is 178.33.19.116, located in France and belongs to OVH, FR. The main domain is www.nestlepromo.be.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 12th 2019. Valid for: 3 months.
This is the only time www.nestlepromo.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 194.213.114.167 34762 (COMBELL-AS)
2 17 178.33.19.116 16276 (OVH)
19 51.89.119.165 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 23.0.46.190 16625 (AKAMAI-AS)
3 52.72.182.57 14618 (AMAZON-AES)
49 9
Domain Requested by
19 files.qualifio.com www.nestlepromo.be
14 www.nestlepromo.be 1 redirects files.qualifio.com
www.nestlepromo.be
7 c.evidon.com www.nestlepromo.be
c.evidon.com
3 l.betrad.com www.nestlepromo.be
3 player.qualifio.com 1 redirects www.nestlepromo.be
1 fonts.gstatic.com www.nestlepromo.be
1 www.googletagmanager.com www.nestlepromo.be
1 fonts.googleapis.com www.nestlepromo.be
1 maxcdn.bootstrapcdn.com www.nestlepromo.be
1 cdnjs.cloudflare.com www.nestlepromo.be
1 touch-agency.emsecure.net 1 redirects
49 11

This site contains links to these domains. Also see Links.

Domain
touch-agency.emsecure.net
Subject Issuer Validity Valid
www.nestlepromo.be
Let's Encrypt Authority X3
2019-09-12 -
2019-12-11
3 months crt.sh
files.qualifio.com
Let's Encrypt Authority X3
2019-10-04 -
2020-01-02
3 months crt.sh
player.qualifio.com
Let's Encrypt Authority X3
2019-10-06 -
2020-01-04
3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-10 -
2020-02-16
6 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
*.googleapis.com
GTS CA 1O1
2019-09-17 -
2019-12-10
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-09-17 -
2019-12-10
3 months crt.sh
*.google.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.evidon.com
DigiCert ECC Secure Server CA
2019-02-01 -
2020-05-02
a year crt.sh
l.betrad.com
Go Daddy Secure Certificate Authority - G2
2019-04-25 -
2021-06-24
2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Frame ID: 8B2DFCECB5C1A6477E94F7F6CF3303A8
Requests: 8 HTTP requests in this frame

Frame: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Frame ID: D8BFC0DB0E7A339C72E6070184981426
Requests: 41 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=B54B9F0Yx3_0uCkU8bSNZ4v2Lm0V7uloxttmv+h277hL4+2... HTTP 302
    https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html Page URL

Page Statistics

49
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

11
Subdomains

9
IPs

5
Countries

3717 kB
Transfer

8913 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=B54B9F0Yx3_0uCkU8bSNZ4v2Lm0V7uloxttmv+h277hL4+2RsJkLiqy9vq4GzCArcI7xRw9nt0mUw70nwXe6egiXeoQBF HTTP 302
    https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/v1.cfm?id=75EE418D-9051-2B50-1697-BD026D090A59&pdomain=https://www.nestlepromo.be HTTP 302
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Request Chain 31
  • https://player.qualifio.com/kit/qualp.2.min.js HTTP 301
  • https://files.qualifio.com/kit/qualp.2.min.js

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Smiley-1-NL.html
www.nestlepromo.be/quiz/463567_465/
Redirect Chain
  • http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=B54B9F0Yx3_0uCkU8bSNZ4v2Lm0V7uloxttmv+h277hL4+2RsJkLiqy9vq4GzCArcI7xRw9nt0mUw70nwXe6egiXeoQBF
  • https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
7 KB
3 KB
Document
General
Full URL
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
f84a4276c72b71bb2fd2bdb7e72153840594c2bdc6d513676792d5f3a9462c9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.nestlepromo.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000
X-Varnish-BE
production_varnish_04
Vary
Accept-Encoding
X-Varnish-Hits
0
Server
NCSA/1.4.2
Cache-Control
public, max-age=1
Date
Wed, 16 Oct 2019 14:42:55 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
Connection
keep-alive

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Date
Wed, 16 Oct 2019 14:42:53 GMT
Content-Length
182
default.css
files.qualifio.com/static/common/minisite/
4 KB
1 KB
Stylesheet
General
Full URL
https://files.qualifio.com/static/common/minisite/default.css?v=20190715153943
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
53709c84feb7b82b1c106ee9b461b109c4fe37a6210a984d6b2d44ed1de49fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Feb 2019 04:05:01 GMT
server
NCSA/1.4.2
age
0
status
200
etag
"3174871172"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
1156
x-xss-protection
1; mode=block
style.css
files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/minisite/
2 KB
860 B
Stylesheet
General
Full URL
https://files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/minisite/style.css?v=20190715153943
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
fffcdb1790d8e87b0830f0baee115983cdc60a95324ace2ead9d8de8b0527213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Jul 2019 13:39:45 GMT
server
NCSA/1.4.2
age
0
status
200
etag
"3331631393"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
579
x-xss-protection
1; mode=block
7496A106-A0DD-CAA0-C428BBCE43331838.gif
files.qualifio.com/library/nestle_belgium/pubs/2018/04/
1 MB
1 MB
Image
General
Full URL
https://files.qualifio.com/library/nestle_belgium/pubs/2018/04/7496A106-A0DD-CAA0-C428BBCE43331838.gif
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
02f64c74ff5e979f732ec1dd218f431befb7967df00ff11dba6a070a5d961ada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 12:02:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Apr 2018 11:53:52 GMT
server
NCSA/1.4.2
age
9624
etag
"2158945318"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
1196175
x-xss-protection
1; mode=block
default.css
files.qualifio.com/static/common/minisite/
0
1 KB
Other
General
Full URL
https://files.qualifio.com/static/common/minisite/default.css?v=20190715153943
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Feb 2019 04:05:01 GMT
server
NCSA/1.4.2
age
0
status
200
etag
"3174871172"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
1156
x-xss-protection
1; mode=block
style.css
files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/minisite/
0
860 B
Other
General
Full URL
https://files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/minisite/style.css?v=20190715153943
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Jul 2019 13:39:45 GMT
server
NCSA/1.4.2
age
0
status
200
etag
"3331631393"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
579
x-xss-protection
1; mode=block
elastic-apm-opentracing.umd.min.js
files.qualifio.com/kit/
59 KB
19 KB
Script
General
Full URL
https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
ccb23e1a2db26ee07f297182c83b83eaedc5a5cc92de9dd9a15990ed2dce5877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Sep 2019 13:02:09 GMT
server
NCSA/1.4.2
age
9865
status
200
etag
"3199105115"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
18652
x-xss-protection
1; mode=block
qualp.2.min.js
files.qualifio.com/kit/
14 KB
6 KB
Script
General
Full URL
https://files.qualifio.com/kit/qualp.2.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
1b6fd7c4b5b7e82c2c6513aec2097e3c68341a2ae73b3b11a6a0b55b8a32bf15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2019 10:20:09 GMT
server
NCSA/1.4.2
age
10207
status
200
etag
"1350629889"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
6309
x-xss-protection
1; mode=block
v1.cfm
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/ Frame D8BF
Redirect Chain
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/v1.cfm?id=75EE418D-9051-2B50-1697-BD026D090A59&pdomain=https://www.nestlepromo.be
  • https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
25 KB
7 KB
Document
General
Full URL
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/kit/qualp.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
2281de733d9dcbec745759da0b8db494ee4a0f179f9db6ee7271f43523d7d5ab

Request headers

Host
www.nestlepromo.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html

Response headers

Pragma
no-cache
X-Qual-uk
QCMDXOTYQ4U
X-Qual-cfid
6e385900-71ed-40f4-828b-e2c88bd546db
X-Qual-cftoken
0
X-Qual-timetocache
0
X-Qual-directform
false
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
X-Varnish-BE
playerlin77s
Vary
Accept-Encoding
X-Varnish-Hits
0
Server
NCSA/1.4.2
Cache-Control
no-cache
Date
Wed, 16 Oct 2019 14:42:57 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
Connection
keep-alive

Redirect headers

Pragma
no-cache
Content-Type
text/html;charset=utf-8
X-Varnish-BE
playerlin77
location
/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Content-Encoding
gzip
Vary
Accept-Encoding
X-Varnish-Hits
0
Server
NCSA/1.4.2
Cache-Control
no-cache
Date
Wed, 16 Oct 2019 14:42:56 GMT
Transfer-Encoding
chunked
Connection
keep-alive
es5-shim.min.js
files.qualifio.com/static/common/js/shim/ Frame D8BF
17 KB
6 KB
Script
General
Full URL
https://files.qualifio.com/static/common/js/shim/es5-shim.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
c4242001d22f6a186deb334a84335af0717f5c1f7e2793f123a8a415c99911aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Sep 2015 15:57:24 GMT
server
NCSA/1.4.2
age
10198
status
200
etag
"2619437583"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
6224
x-xss-protection
1; mode=block
es5-sham.min.js
files.qualifio.com/static/common/js/shim/ Frame D8BF
6 KB
2 KB
Script
General
Full URL
https://files.qualifio.com/static/common/js/shim/es5-sham.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
92bb04a652129679f5d8e5f40492ceeeb701c74cd09a45c6b16e1b1da5e23e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Sep 2015 15:57:23 GMT
server
NCSA/1.4.2
age
10198
status
200
etag
"1967313635"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
1845
x-xss-protection
1; mode=block
jquery.min.js
files.qualifio.com/static/common/js/jquery/1.11.3/ Frame D8BF
94 KB
33 KB
Script
General
Full URL
https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Aug 2015 09:43:18 GMT
server
NCSA/1.4.2
age
10198
status
200
etag
"2174644405"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
33342
x-xss-protection
1; mode=block
jquery-migrate-1.2.1.min.js
files.qualifio.com/static/common/js/jquery/ Frame D8BF
7 KB
3 KB
Script
General
Full URL
https://files.qualifio.com/static/common/js/jquery/jquery-migrate-1.2.1.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Aug 2015 09:53:36 GMT
server
NCSA/1.4.2
age
10198
status
200
etag
"1459424739"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
3063
x-xss-protection
1; mode=block
jquery-ui.min.css
files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/ Frame D8BF
29 KB
8 KB
Stylesheet
General
Full URL
https://files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/jquery-ui.min.css?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
83f17340d547d5ebd86043684344da927f263a43d01ec2730814de17e87a08f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Aug 2015 13:27:36 GMT
server
NCSA/1.4.2
age
10198
status
200
etag
"1012864060"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
7538
x-xss-protection
1; mode=block
jquery-ui.min.js
files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/ Frame D8BF
235 KB
63 KB
Script
General
Full URL
https://files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/jquery-ui.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
e34c0cc1e6cfafa9dd2cf20f1c77d0ffaf293aeb9745cc7d53670e0100f8381d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Aug 2015 13:27:37 GMT
server
NCSA/1.4.2
age
10198
status
200
etag
"1138659313"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
63865
x-xss-protection
1; mode=block
jquery-ui.min.css
player.qualifio.com/20/js/autocomplete/ Frame D8BF
15 KB
5 KB
Stylesheet
General
Full URL
https://player.qualifio.com/20/js/autocomplete/jquery-ui.min.css
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
ba71a3b0b07fc07c89c93b8f8c303f7f6f9209fb80cecfbc22b9e83afc1d8acd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits
271
Date
Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Oct 2019 13:05:31 GMT
Server
NCSA/1.4.2
ETag
W/"15809-1571144731000"
Vary
Accept-Encoding
X-Varnish-BE
playerlin16
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
5028
jquery.fancybox.min.js
files.qualifio.com/static/common/js/fancybox/source/ Frame D8BF
22 KB
7 KB
Script
General
Full URL
https://files.qualifio.com/static/common/js/fancybox/source/jquery.fancybox.min.js?v=1?v=2.0.6
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
9825531d5b00159fcd4e0042f3b5f4fc2eb147cb9974bb54fb20a0d68a763c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Aug 2015 11:19:55 GMT
server
NCSA/1.4.2
age
10198
status
200
etag
"285586998"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
7177
x-xss-protection
1; mode=block
jquery.fancybox.css
files.qualifio.com/static/common/js/fancybox/source/ Frame D8BF
4 KB
1 KB
Stylesheet
General
Full URL
https://files.qualifio.com/static/common/js/fancybox/source/jquery.fancybox.css?v=1?v=2.0.6
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
38ff61155ed0c4e21095a6ea52dfcb3a55dd289a2a2dd569d062156e9c53cbd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Feb 2019 08:30:44 GMT
server
NCSA/1.4.2
age
10198
status
200
etag
"373201918"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
1177
x-xss-protection
1; mode=block
jquery.validate.js
www.nestlepromo.be/20/js/validate/ Frame D8BF
46 KB
13 KB
Script
General
Full URL
https://www.nestlepromo.be/20/js/validate/jquery.validate.js?version=4
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
fba8a618ef77fbc5cebc12ca68497499f595c802a29a24863fc9fcc1f56592a6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits
2
Date
Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Oct 2019 13:05:31 GMT
Server
NCSA/1.4.2
ETag
W/"47393-1571144731000"
Vary
Accept-Encoding
X-Varnish-BE
playerlin75
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
12817
additional-methods.js
www.nestlepromo.be/20/js/validate/ Frame D8BF
38 KB
11 KB
Script
General
Full URL
https://www.nestlepromo.be/20/js/validate/additional-methods.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
34eaf08c756cd248519acb73fb69f36c36cbb9aef23ab74ed301c2b8a3c7d793

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits
2
Date
Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Oct 2019 13:05:31 GMT
Server
NCSA/1.4.2
ETag
W/"39117-1571144731000"
Vary
Accept-Encoding
X-Varnish-BE
playerlin75
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
10502
validateDate.js
www.nestlepromo.be/20/js/validate/ Frame D8BF
217 KB
38 KB
Script
General
Full URL
https://www.nestlepromo.be/20/js/validate/validateDate.js?version=2
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
8e39d1dd0023af9edb31ab357803e26be68751ea3a253128e73661560809d886

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits
2
Date
Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Oct 2019 13:05:31 GMT
Server
NCSA/1.4.2
ETag
W/"222261-1571144731000"
Vary
Accept-Encoding
X-Varnish-BE
playerlin78
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
38485
jquery.inputmask.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/ Frame D8BF
74 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/jquery.inputmask.bundle.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d00a43e3b1c901b663bad31799b39eb483cff9bf4e03bce932128d35ce14a9a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:42:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15870801
status
200
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:59 GMT
server
cloudflare
etag
W/"5afd497b-128e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
526acd64fc1e59e2-VIE
expires
Mon, 05 Oct 2020 14:42:57 GMT
player.css.cfm
www.nestlepromo.be/20/ws/css/ Frame D8BF
42 KB
13 KB
Stylesheet
General
Full URL
https://www.nestlepromo.be/20/ws/css/player.css.cfm?questionset=true&justification=true&v=3015
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
4130f17dfa410bcaf8affc83a95020691735bf0f8263f96db9e2067e5fc1574c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits
0
Date
Wed, 16 Oct 2019 14:43:02 GMT
Content-Encoding
gzip
Server
NCSA/1.4.2
Vary
Accept-Encoding
X-Varnish-BE
playerlin78
Cache-Control
maxage=31536000, public, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css;charset=UTF-8
dateAgeCompare.js
www.nestlepromo.be/20/js/ Frame D8BF
5 KB
1 KB
Script
General
Full URL
https://www.nestlepromo.be/20/js/dateAgeCompare.js?v=7.28.7
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
fde07c4fc186e48869476370bcd4a43384ab806e9327b3ed9d2ab2a74d9323e4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits
2
Date
Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Oct 2019 13:05:31 GMT
Server
NCSA/1.4.2
ETag
W/"4870-1571144731000"
Vary
Accept-Encoding
X-Varnish-BE
playerlin74
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
915
style.css
files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/ Frame D8BF
36 KB
7 KB
Stylesheet
General
Full URL
https://files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/style.css?v=190715154009
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
2b03e23d5274520ffb293644a8991f4a2ab46eda06e7c663d608910f102cf059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Apr 2018 14:43:10 GMT
server
NCSA/1.4.2
age
0
status
200
etag
"3376785926"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
6917
x-xss-protection
1; mode=block
showhide.min.js
files.qualifio.com/static/common/js/banners/ Frame D8BF
268 B
457 B
Script
General
Full URL
https://files.qualifio.com/static/common/js/banners/showhide.min.js?v=1
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
f372045a176af5d908a98bd807cf35fbcb3165d71bac093d11bfd531bfc551fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 12:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Mar 2017 11:02:10 GMT
server
NCSA/1.4.2
age
9011
status
200
etag
"149969135"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
175
x-xss-protection
1; mode=block
tldjs.js
player.qualifio.com/20/js/validate/ Frame D8BF
92 KB
36 KB
Script
General
Full URL
https://player.qualifio.com/20/js/validate/tldjs.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/js/validate/jquery.validate.js?version=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
81fd20c2f288b1b3850e0c91e9cd5a87a61af0a4f2b1719cf0ce238d96e996bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits
615
Date
Wed, 16 Oct 2019 14:42:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Oct 2019 13:05:31 GMT
Server
NCSA/1.4.2
ETag
W/"94080-1571144731000"
Vary
Accept-Encoding
X-Varnish-BE
playerlin26
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
36173
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame D8BF
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:02 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
css
fonts.googleapis.com/ Frame D8BF
24 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800italic,800
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 16 Oct 2019 14:43:02 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 16 Oct 2019 14:43:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 16 Oct 2019 14:43:02 GMT
browserinfo.cfc
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1/cfc/ Frame D8BF
238 B
539 B
XHR
General
Full URL
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1/cfc/browserinfo.cfc?method=save&CFID=6e385900-71ed-40f4-828b-e2c88bd546db&CFTOKEN=0
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
c646dec70f85cc3911a0dcd13377b189c8f7f87d2f8b0dc4cfffb5f3727feaa5

Request headers

Accept
*/*
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Varnish-Hits
0
Date
Wed, 16 Oct 2019 14:43:03 GMT
Content-Encoding
gzip
Server
NCSA/1.4.2
Return-Format
plain
Vary
Accept-Encoding
X-Varnish-BE
playerlin77s
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/plain;charset=UTF-8
7578E8A3-0CE3-C84C-79AC6EFC31FE060B.png
files.qualifio.com/library/nestle_belgium/fonds/2018/04/ Frame D8BF
2 MB
2 MB
Image
General
Full URL
https://files.qualifio.com/library/nestle_belgium/fonds/2018/04/7578E8A3-0CE3-C84C-79AC6EFC31FE060B.png
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
0f50656ee4ed2472ffc112714b7afc5c0f18366f9c10cb9d32a8200cff13856d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://files.qualifio.com/static/nestle_belgium/75EE418D-9051-2B50-1697-BD026D090A59/style.css?v=190715154009
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:02 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Apr 2018 12:18:44 GMT
server
NCSA/1.4.2
age
0
etag
"3872388427"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
2142419
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ Frame D8BF
99 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WPH3HHC
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e917e1c97641af41825c583d8dcb2efbdfd0290b760fc9a6b8d66de28e1ab44
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
br
last-modified
Wed, 16 Oct 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27245
x-xss-protection
0
expires
Wed, 16 Oct 2019 14:43:03 GMT
qualp.2.min.js
files.qualifio.com/kit/ Frame D8BF
Redirect Chain
  • https://player.qualifio.com/kit/qualp.2.min.js
  • https://files.qualifio.com/kit/qualp.2.min.js
14 KB
6 KB
Script
General
Full URL
https://files.qualifio.com/kit/qualp.2.min.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
1b6fd7c4b5b7e82c2c6513aec2097e3c68341a2ae73b3b11a6a0b55b8a32bf15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 11:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2019 10:20:09 GMT
server
NCSA/1.4.2
age
10215
status
200
etag
"1350629889"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
6309
x-xss-protection
1; mode=block

Redirect headers

location
https://files.qualifio.com/kit/qualp.2.min.js
Date
Wed, 16 Oct 2019 14:43:03 GMT
Server
Varnish
Connection
keep-alive
Content-Length
0
X-Varnish
348442856
keepAlive.cfm
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/ Frame D8BF
3 B
326 B
XHR
General
Full URL
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/keepAlive.cfm?uk=QCMDXOTYQ4U&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Request headers

Accept
*/*
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Varnish-Hits
0
Date
Wed, 16 Oct 2019 14:43:03 GMT
Content-Encoding
gzip
Server
NCSA/1.4.2
Vary
Accept-Encoding
X-Varnish-BE
playerlin77s
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html;charset=utf-8
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ Frame D8BF
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800italic,800
Origin
https://www.nestlepromo.be
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 09:41:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
536512
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9080
x-xss-protection
0
expires
Fri, 09 Oct 2020 09:41:11 GMT
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/ Frame D8BF
44 KB
12 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-0-46-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
311f7c035bd8e2e36fdef1962231c004e48199087b73427a87499997210bfe16

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
11996
last-modified
Tue, 15 Oct 2019 20:41:09 GMT
server
AkamaiNetStorage
etag
"b42c671932dcdded523f9b56fb2dc206:1571172069"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 17 Oct 2019 14:43:03 GMT
country.js
c.evidon.com/geo/ Frame D8BF
260 B
512 B
Script
General
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-0-46-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:03 GMT
last-modified
Wed, 30 May 2018 22:23:16 GMT
server
AkamaiNetStorage
status
200
etag
"c1e367d098d326049811561575dbda4a:1527718996"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
accept-ranges
bytes
access-control-allow-headers
*
content-length
260
snthemes.js
c.evidon.com/sitenotice/2020/ Frame D8BF
922 KB
22 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/2020/snthemes.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-0-46-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
82df124d011a77d594c7ec23e20a86efaf0cb686dcd6f319d90e30a077f9ff7e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
22024
last-modified
Tue, 15 Oct 2019 06:04:31 GMT
server
AkamaiNetStorage
etag
"22bdaf34cfe3ef306399f4bba9c91a96:1571119471"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 17 Oct 2019 14:43:03 GMT
settings.js
c.evidon.com/sitenotice/2020/nestlepromo/ Frame D8BF
3 KB
1 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/2020/nestlepromo/settings.js
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463567_465/Smiley-1-NL.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-0-46-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4ed4c7b2177fbf30c74a13d471f8e9b5d87375d763da25957dd626824f06bec5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
1039
last-modified
Thu, 16 May 2019 10:23:43 GMT
server
AkamaiNetStorage
etag
"36c03c8783957d5a6395468abc067b12:1558002223"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 17 Oct 2019 14:43:03 GMT
store-participation
www.nestlepromo.be/ Frame D8BF
0
186 B
XHR
General
Full URL
https://www.nestlepromo.be/store-participation?client_id
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/kit/qualp.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Part
-
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:43:03 GMT
Server
Varnish
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/plain
Content-Length
0
X-Varnish
355741136
store-participation
www.nestlepromo.be/ Frame D8BF
36 B
267 B
XHR
General
Full URL
https://www.nestlepromo.be/store-participation?client_id
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/kit/qualp.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Varnish /
Resource Hash
f1edf6f8ccb32257259afe1358e40af3977850e2ec356d2cb0ea00aae76b7e33

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Part
6afb22ec-0a30-e798-9a25-a3a2c280af3e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:43:03 GMT
Server
Varnish
ETag
6afb22ec-0a30-e798-9a25-a3a2c280af3e
X-Varnish
355741137
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/plain
Content-Length
36
events
www.nestlepromo.be/egw/ Frame D8BF
2 B
657 B
XHR
General
Full URL
https://www.nestlepromo.be/egw/events
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
22
X-XSS-Protection
1; mode=block
Server
NCSA/1.4.2
Date
Wed, 16 Oct 2019 14:43:03 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Varnish-BE
production_varnish_02
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Varnish-Hits
0
Content-Type
text/plain
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
en.js
c.evidon.com/sitenotice/2020/translations/ Frame D8BF
2 MB
27 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/2020/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-0-46-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a7e47c31f71938f55ef8c3273b4bf579cf718c4adce006bd597ad01b226ad35

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
27543
last-modified
Tue, 08 Oct 2019 17:32:11 GMT
server
AkamaiNetStorage
etag
"df78292307d8cfddfea77e721a532aa5:1570555931"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 17 Oct 2019 14:43:03 GMT
fr.js
c.evidon.com/sitenotice/2020/translations/ Frame D8BF
2 MB
27 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/2020/translations/fr.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-0-46-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aaff4ce215d03420a2f8ef949b940c2cfad9c56a73d9726e04317d22b7184f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
27645
last-modified
Tue, 01 Oct 2019 20:52:46 GMT
server
AkamaiNetStorage
etag
"ccede7d4ed28ba58ac65a2831e7c6b4e:1569963166"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 17 Oct 2019 14:43:03 GMT
evidon-banner.js
c.evidon.com/sitenotice/ Frame D8BF
10 KB
3 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-banner.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.0.46.190 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-0-46-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
06d56458db165cd0ede7a6c23b441e81d0269feac7f8793d582253cc63e9db38

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
2958
last-modified
Tue, 15 Oct 2019 20:41:10 GMT
server
Apache
etag
"119ff1c01eb744dc72c66e4d7f49b38b:1571172072"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 17 Oct 2019 14:43:03 GMT
2
l.betrad.com/site/v3/2020/15950/20/1/2/ Frame D8BF
0
120 B
Image
General
Full URL
https://l.betrad.com/site/v3/2020/15950/20/1/2/2?consent=0
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.182.57 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-182-57.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
51680
l.betrad.com/site/v3/2020/15950/20/1/2/2/ Frame D8BF
0
120 B
Image
General
Full URL
https://l.betrad.com/site/v3/2020/15950/20/1/2/2/51680?consent=0
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.182.57 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-182-57.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
51680
l.betrad.com/site/v3/2020/15950/20/4/2/2/ Frame D8BF
0
120 B
Image
General
Full URL
https://l.betrad.com/site/v3/2020/15950/20/4/2/2/51680?consent=0
Requested by
Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.182.57 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-182-57.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 16 Oct 2019 14:43:03 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
_ajax_get_querystring.cfm
www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1/ Frame D8BF
0
227 B
XHR
General
Full URL
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1/_ajax_get_querystring.cfm?uk=QCMDXOTYQ4U&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&ref=https%3A%2F%2Fwww.nestlepromo.be%2Fquiz%2F463567_465%2FSmiley-1-NL.html
Requested by
Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.33.19.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
NCSA/1.4.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Varnish-Hits
0
Date
Wed, 16 Oct 2019 14:43:03 GMT
Server
NCSA/1.4.2
X-Varnish-BE
playerlin77s
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html;charset=utf-8
Content-Length
0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| _qual_init_rum object| _qual_async object| elasticApm

1 Cookies

Domain/Path Name / Value
www.nestlepromo.be/quiz/463567_465 Name: _qual_restore_75EE418D-9051-2B50-1697-BD026D090A59
Value: https://www.nestlepromo.be/20/75EE418D-9051-2B50-1697-BD026D090A59/s77/v1.cfm?page=1&uk=QCMDXOTYQ4U&noback=false&cfid=6e385900-71ed-40f4-828b-e2c88bd546db&cftoken=0&fbappiframe=false

1 Console Messages

Source Level URL
Text
console-api info URL: https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js(Line 2)
Message:
RUM agent is inactive

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.evidon.com
cdnjs.cloudflare.com
files.qualifio.com
fonts.googleapis.com
fonts.gstatic.com
l.betrad.com
maxcdn.bootstrapcdn.com
player.qualifio.com
touch-agency.emsecure.net
www.googletagmanager.com
www.nestlepromo.be
178.33.19.116
194.213.114.167
2001:4de0:ac19::1:b:3a
23.0.46.190
2606:4700::6813:c497
2a00:1450:4001:806::2003
2a00:1450:4001:814::2008
2a00:1450:4001:81f::200a
51.89.119.165
52.72.182.57
02f64c74ff5e979f732ec1dd218f431befb7967df00ff11dba6a070a5d961ada
06d56458db165cd0ede7a6c23b441e81d0269feac7f8793d582253cc63e9db38
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
0f50656ee4ed2472ffc112714b7afc5c0f18366f9c10cb9d32a8200cff13856d
1b6fd7c4b5b7e82c2c6513aec2097e3c68341a2ae73b3b11a6a0b55b8a32bf15
1d00a43e3b1c901b663bad31799b39eb483cff9bf4e03bce932128d35ce14a9a
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2281de733d9dcbec745759da0b8db494ee4a0f179f9db6ee7271f43523d7d5ab
2b03e23d5274520ffb293644a8991f4a2ab46eda06e7c663d608910f102cf059
311f7c035bd8e2e36fdef1962231c004e48199087b73427a87499997210bfe16
34eaf08c756cd248519acb73fb69f36c36cbb9aef23ab74ed301c2b8a3c7d793
38ff61155ed0c4e21095a6ea52dfcb3a55dd289a2a2dd569d062156e9c53cbd4
4130f17dfa410bcaf8affc83a95020691735bf0f8263f96db9e2067e5fc1574c
4ed4c7b2177fbf30c74a13d471f8e9b5d87375d763da25957dd626824f06bec5
53709c84feb7b82b1c106ee9b461b109c4fe37a6210a984d6b2d44ed1de49fa1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e917e1c97641af41825c583d8dcb2efbdfd0290b760fc9a6b8d66de28e1ab44
81fd20c2f288b1b3850e0c91e9cd5a87a61af0a4f2b1719cf0ce238d96e996bd
82df124d011a77d594c7ec23e20a86efaf0cb686dcd6f319d90e30a077f9ff7e
83f17340d547d5ebd86043684344da927f263a43d01ec2730814de17e87a08f8
8e39d1dd0023af9edb31ab357803e26be68751ea3a253128e73661560809d886
92bb04a652129679f5d8e5f40492ceeeb701c74cd09a45c6b16e1b1da5e23e0c
9825531d5b00159fcd4e0042f3b5f4fc2eb147cb9974bb54fb20a0d68a763c65
9a7e47c31f71938f55ef8c3273b4bf579cf718c4adce006bd597ad01b226ad35
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
aaff4ce215d03420a2f8ef949b940c2cfad9c56a73d9726e04317d22b7184f37
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
ba71a3b0b07fc07c89c93b8f8c303f7f6f9209fb80cecfbc22b9e83afc1d8acd
c4242001d22f6a186deb334a84335af0717f5c1f7e2793f123a8a415c99911aa
c646dec70f85cc3911a0dcd13377b189c8f7f87d2f8b0dc4cfffb5f3727feaa5
ccb23e1a2db26ee07f297182c83b83eaedc5a5cc92de9dd9a15990ed2dce5877
dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22
e34c0cc1e6cfafa9dd2cf20f1c77d0ffaf293aeb9745cc7d53670e0100f8381d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1edf6f8ccb32257259afe1358e40af3977850e2ec356d2cb0ea00aae76b7e33
f372045a176af5d908a98bd807cf35fbcb3165d71bac093d11bfd531bfc551fe
f84a4276c72b71bb2fd2bdb7e72153840594c2bdc6d513676792d5f3a9462c9f
f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473
fba8a618ef77fbc5cebc12ca68497499f595c802a29a24863fc9fcc1f56592a6
fde07c4fc186e48869476370bcd4a43384ab806e9327b3ed9d2ab2a74d9323e4
fffcdb1790d8e87b0830f0baee115983cdc60a95324ace2ead9d8de8b0527213