www.nestlepromo.be Open in urlscan Pro
54.38.245.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=QijQlNOLbh5phhZ_l0ILw3lFKlUaJZFiZLQHPZPe0vdmnMM6JL1Ul+X6cb9SY3bcfou...
Effective URL:
https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Submission: On March 27 via api (March 27th 2020, 4:14:58 am UTC) from BE

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 7 countries across 12 domains to perform 57 HTTP transactions. The main IP is 54.38.245.3, located in France and belongs to OVH, FR. The main domain is www.nestlepromo.be.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 10th 2020. Valid for: 3 months.

This is the only time www.nestlepromo.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.213.114.167 194.213.114.167	34762 (COMBELL-AS) (COMBELL-AS)
1 14	54.38.245.3 54.38.245.3	16276 (OVH) (OVH)
19	195.181.175.55 195.181.175.55	60068 (CDN77) (CDN77)
3	54.38.36.114 54.38.36.114	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.83.250.248 51.83.250.248	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
7	104.73.156.224 104.73.156.224	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.203.173.113 52.203.173.113	14618 (AMAZON-AES) (AMAZON-AES)
2	51.89.119.165 51.89.119.165	16276 (OVH) (OVH)
57	13

1 194.213.114.167 (Belgium) 1 redirects

ASN34762 (COMBELL-AS, BE)
PTR: webapp167.emsecure.net

touch-agency.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.38.245.3 (France) 1 redirects

ASN16276 (OVH, FR)

www.nestlepromo.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 195.181.175.55 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-55.datapacket.com

files.qualifio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.38.36.114 (France)

ASN16276 (OVH, FR)
PTR: ip-54-38-36.eu

player.qualifio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.250.248 (Poland)

ASN16276 (OVH, FR)
PTR: ip-51-83-250.eu

fonts.qualifio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.73.156.224 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-73-156-224.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.203.173.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-173-113.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.119.165 (Germany)

ASN16276 (OVH, FR)

sococakciwibib.k8s.qualif.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	qualifio.com files.qualifio.com player.qualifio.com fonts.qualifio.com	3 MB
14	nestlepromo.be 1 redirects www.nestlepromo.be	85 KB
7	evidon.com c.evidon.com	110 KB
3	betrad.com l.betrad.com	360 B
3	facebook.com www.facebook.com	528 B
2	qualif.io sococakciwibib.k8s.qualif.io	633 B
2	facebook.net connect.facebook.net	142 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	googleapis.com fonts.googleapis.com	971 B
1	cloudflare.com cdnjs.cloudflare.com	22 KB
1	emsecure.net 1 redirects touch-agency.emsecure.net	222 B
57	12

	Domain	Requested by
19	files.qualifio.com	www.nestlepromo.be
14	www.nestlepromo.be	1 redirects files.qualifio.com www.nestlepromo.be player.qualifio.com
7	c.evidon.com	www.nestlepromo.be c.evidon.com
3	l.betrad.com	www.nestlepromo.be
3	www.facebook.com	www.nestlepromo.be
3	player.qualifio.com	www.nestlepromo.be
2	sococakciwibib.k8s.qualif.io	files.qualifio.com
2	connect.facebook.net	www.nestlepromo.be connect.facebook.net
1	www.googletagmanager.com	www.nestlepromo.be
1	fonts.gstatic.com	www.nestlepromo.be
1	fonts.googleapis.com	www.nestlepromo.be
1	fonts.qualifio.com	www.nestlepromo.be
1	cdnjs.cloudflare.com	www.nestlepromo.be
1	touch-agency.emsecure.net	1 redirects
57	14

This site contains links to these domains. Also see Links.

Domain
touch-agency.emsecure.net
www.nestle.be

Subject Issuer	Validity	Valid
www.nestlepromo.be Let's Encrypt Authority X3	`2020-03-10` - `2020-06-08`	3 months	crt.sh
1220507597.rsc.cdn77.org Let's Encrypt Authority X3	`2020-03-03` - `2020-06-01`	3 months	crt.sh
player.qualifio.com Let's Encrypt Authority X3	`2020-02-02` - `2020-05-02`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
fonts.qualifio.com Let's Encrypt Authority X3	`2020-03-20` - `2020-06-18`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.evidon.com DigiCert ECC Secure Server CA	`2019-02-01` - `2020-05-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-06-24`	2 years	crt.sh
sococakciwibib.k8s.qualif.io Let's Encrypt Authority X3	`2020-02-05` - `2020-05-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Frame ID: 01F7BE345A0A2B82F3EA922C58F6E979
Requests: 10 HTTP requests in this frame

Frame: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Frame ID: A416F97FCD6D78162D390473499E99B4
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=QijQlNOLbh5phhZ_l0ILw3lFKlUaJZFiZLQHPZPe0vdmnMM... HTTP 302
https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN Page URL

Page Statistics

57
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

14
Subdomains

13
IPs

7
Countries

3871 kB
Transfer

10666 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://touch-agency.emsecure.net/optiext/optiextension.dll?id=jbyW7nBYzSnwZVmUr5qzc4Twp4S4DlWDDPBZby8o0v6d5p7ozA55NzGqc0BuGTF41PjSylgDqBA1Ajac7t5WVVGYGG
Title: Cliquez ici

Search URL Search Domain Scan URL

URL: http://www.nestle.be/fr/info/contactus
Title: nous contacter

Search URL Search Domain Scan URL

URL: http://www.nestle.be/fr/info/yourdata
Title: lisez ici notre Déclaration de confidentialité

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=QijQlNOLbh5phhZ_l0ILw3lFKlUaJZFiZLQHPZPe0vdmnMM6JL1Ul+X6cb9SY3bcfouZi_KebWAYK+apsEFLaHZ0u4WIe HTTP 302
https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/v1.cfm?id=44A8AED7-EF99-36F5-FEFB-4629001F31A7&pdomain=https://www.nestlepromo.be&utm_source=Newsletter%20MWN&utm_source=Newsletter%20MWN HTTP 302
https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Smiley-1-FR.html Show response
www.nestlepromo.be/quiz/463237_465/
Redirect Chain

http://touch-agency.emsecure.net/optiext/optiextension.dll?ID=QijQlNOLbh5phhZ_l0ILw3lFKlUaJZFiZLQHPZPe0vdmnMM6JL1Ul+X6cb9SY3bcfouZi_KebWAYK+apsEFLaHZ0u4WIe
https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

7 KB
3 KB

612ms
385ms

Document
text/html

54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

4f446bc4b1705571b23e4a1f21d19400ec7c51e7b315248c61e1a0c3aa6abeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.nestlepromo.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Mar 2020 04:14:39 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=1, s-maxage=60, max-stale=120
Content-Encoding: gzip
Age: 0
Server: NCSA/1.4.2
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Connection: keep-alive
Transfer-Encoding: chunked

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Date: Fri, 27 Mar 2020 04:14:39 GMT
Content-Length: 210

GET
H2 200 default.css
files.qualifio.com/static/common/minisite/ 4 KB
1 KB 240ms
79ms Stylesheet
text/css 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/minisite/default.css?v=20190715153908

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

53709c84feb7b82b1c106ee9b461b109c4fe37a6210a984d6b2d44ed1de49fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 944
x-edge-location: frankfurtDE
x-cache: REVALIDATED
status: 200
x-age: 47864
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Feb 2019 04:05:01 GMT
server: CDN77-Turbo
etag: W/"3174871172"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 style.css
files.qualifio.com/static/nestle_belgium/44A8AED7-EF99-36F5-FEFB-4629001F31A7/minisite/ 2 KB
885 B 239ms
78ms Stylesheet
text/css 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/nestle_belgium/44A8AED7-EF99-36F5-FEFB-4629001F31A7/minisite/style.css?v=20190715153908

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

ac2d7c342e77f920f000e32b137e5d7f3b4701fa2923153c4f330b0456dc6e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
x-edge-location: frankfurtDE
x-cache: REVALIDATED
status: 200
x-age: 47863
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jul 2019 13:39:09 GMT
server: CDN77-Turbo
etag: W/"3736927522"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 7496A106-A0DD-CAA0-C428BBCE43331838.gif
files.qualifio.com/library/nestle_belgium/pubs/2018/04/ 1 MB
1 MB 202ms
42ms Image
image/gif 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.qualifio.com/library/nestle_belgium/pubs/2018/04/7496A106-A0DD-CAA0-C428BBCE43331838.gif

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

02f64c74ff5e979f732ec1dd218f431befb7967df00ff11dba6a070a5d961ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
x-content-type-options: nosniff
age: 2388
x-edge-location: frankfurtDE
x-cache: REVALIDATED
status: 200
x-age: 47864
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
content-length: 1196175
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Apr 2018 11:53:52 GMT
server: CDN77-Turbo
etag: "2158945318"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53
accept-ranges: bytes

GET
H2 200 default.css
files.qualifio.com/static/common/minisite/ 0
1 KB 185ms
25ms Other
text/css 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/minisite/default.css?v=20190715153908

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 944
x-edge-location: frankfurtDE
x-cache: UPDATING
status: 200
x-age: 47864
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Feb 2019 04:05:01 GMT
server: CDN77-Turbo
etag: W/"3174871172"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 style.css
files.qualifio.com/static/nestle_belgium/44A8AED7-EF99-36F5-FEFB-4629001F31A7/minisite/ 0
882 B 46ms
45ms Other
text/css 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/nestle_belgium/44A8AED7-EF99-36F5-FEFB-4629001F31A7/minisite/style.css?v=20190715153908

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
x-edge-location: frankfurtDE
x-cache: UPDATING
status: 200
x-age: 47863
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jul 2019 13:39:09 GMT
server: CDN77-Turbo
etag: W/"3736927522"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 elastic-apm-opentracing.umd.min.js Show response
files.qualifio.com/kit/ 59 KB
18 KB 48ms
47ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

ccb23e1a2db26ee07f297182c83b83eaedc5a5cc92de9dd9a15990ed2dce5877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2064
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 4078
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Sep 2019 13:02:09 GMT
server: CDN77-Turbo
etag: W/"3199105115"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 qualp.2.min.js Show response
files.qualifio.com/kit/ 14 KB
6 KB 49ms
48ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/kit/qualp.2.min.js

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

bc644c7a286f75f31bdbf605158b4573252c9eaa10cc44c72050bbf55713442a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4462
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7627
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Dec 2019 07:57:52 GMT
server: CDN77-Turbo
etag: W/"2162768700"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H/1.1

200
OK

v1.cfm Show response
www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/ Frame A416
Redirect Chain

https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/v1.cfm?id=44A8AED7-EF99-36F5-FEFB-4629001F31A7&pdomain=https://www.nestlepromo.be&utm_source=Newsletter%20MWN&utm_source=Newslette...
https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false

26 KB
7 KB

146ms
146ms

Document
text/html

54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false

Requested by

Host: files.qualifio.com
URL: https://files.qualifio.com/kit/qualp.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

98237216cc0a94410379b8a8ab8036429be995d0b07fba916b4a2e97b383b63d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.nestlepromo.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: UTM=EFB24706-ADA8-4557-BD43E485B2CB5A2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Response headers

Pragma: no-cache
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 27 Mar 2020 04:14:40 GMT
Vary: Accept-Encoding
Age: 0
Server: NCSA/1.4.2
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Varnish-Hits: 0
Accept-Ranges: bytes
Content-Length: 6539
Connection: keep-alive

Redirect headers

Set-Cookie: UTM=EFB24706-ADA8-4557-BD43E485B2CB5A2F;Path=/;Expires=Sun, 29-Mar-2020 04:14:40 UTC;HTTPOnly
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Date: Fri, 27 Mar 2020 04:14:40 GMT
location: /20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 0
Server: NCSA/1.4.2
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Varnish-Hits: 0
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 es5-shim.min.js Show response
files.qualifio.com/static/common/js/shim/ Frame A416 17 KB
6 KB 26ms
24ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/shim/es5-shim.min.js?v=1

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

c4242001d22f6a186deb334a84335af0717f5c1f7e2793f123a8a415c99911aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1957
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Sep 2015 15:57:24 GMT
server: CDN77-Turbo
etag: W/"2619437583"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 es5-sham.min.js Show response
files.qualifio.com/static/common/js/shim/ Frame A416 6 KB
2 KB 27ms
25ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/shim/es5-sham.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

92bb04a652129679f5d8e5f40492ceeeb701c74cd09a45c6b16e1b1da5e23e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5715
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Sep 2015 15:57:23 GMT
server: CDN77-Turbo
etag: W/"1967313635"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 jquery.min.js Show response
files.qualifio.com/static/common/js/jquery/1.11.3/ Frame A416 94 KB
32 KB 34ms
31ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2798
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Aug 2015 09:43:18 GMT
server: CDN77-Turbo
etag: W/"2174644405"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
files.qualifio.com/static/common/js/jquery/ Frame A416 7 KB
3 KB 34ms
32ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/jquery/jquery-migrate-1.2.1.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6394
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Aug 2015 09:53:36 GMT
server: CDN77-Turbo
etag: W/"1459424739"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 jquery-ui.min.css
files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/ Frame A416 16 KB
5 KB 35ms
31ms Stylesheet
text/css 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/jquery-ui.min.css?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

a5421846ea8b19550ff03785d18e15f700fb56b82d79379856056ae59fc28478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8729
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Mar 2020 13:17:56 GMT
server: CDN77-Turbo
etag: W/"2851804444"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 jquery-ui.min.js Show response
files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/ Frame A416 235 KB
59 KB 47ms
43ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/jquery-ui-1.11.4.custom/jquery-ui.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

e34c0cc1e6cfafa9dd2cf20f1c77d0ffaf293aeb9745cc7d53670e0100f8381d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2447
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Aug 2015 13:27:37 GMT
server: CDN77-Turbo
etag: W/"1138659313"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H/1.1 200
OK jquery-ui.min.css
player.qualifio.com/20/js/autocomplete/ Frame A416 15 KB
5 KB 120ms
29ms Stylesheet
text/css 54.38.36.114
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://player.qualifio.com/20/js/autocomplete/jquery-ui.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.36.114 , France, ASN16276 (OVH, FR),

Reverse DNS

ip-54-38-36.eu

Software

NCSA/1.4.2 /

Resource Hash

5474ee8921895995993d2e2360f6fb9ade26aab74d749c68823e23b6ae562808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 27 Mar 2020 04:13:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Mar 2020 11:10:57 GMT
Server: NCSA/1.4.2
Age: 61
ETag: W/"15756-1585134657000"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Connection: keep-alive
X-Varnish-Hits: 14
Content-Length: 4999
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.fancybox.min.js Show response
files.qualifio.com/static/common/js/fancybox/source/ Frame A416 22 KB
7 KB 49ms
46ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/fancybox/source/jquery.fancybox.min.js?v=1?v=2.0.6

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

9825531d5b00159fcd4e0042f3b5f4fc2eb147cb9974bb54fb20a0d68a763c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2292
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Aug 2015 11:19:55 GMT
server: CDN77-Turbo
etag: W/"285586998"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 jquery.fancybox.css
files.qualifio.com/static/common/js/fancybox/source/ Frame A416 3 KB
1 KB 35ms
32ms Stylesheet
text/css 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/fancybox/source/jquery.fancybox.css?v=1?v=2.0.6

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

11578b6e7afc3a18b6c21a953875c3670b822fff5c7bfa7119ad30186d2c29cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6293
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Feb 2020 11:31:05 GMT
server: CDN77-Turbo
etag: W/"1967210494"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H/1.1 200
OK jquery.validate.js Show response
www.nestlepromo.be/20/js/validate/ Frame A416 46 KB
13 KB 41ms
38ms Script
application/javascript 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/js/validate/jquery.validate.js?version=4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

fba8a618ef77fbc5cebc12ca68497499f595c802a29a24863fc9fcc1f56592a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Varnish-Hits: 0
Date: Fri, 27 Mar 2020 04:14:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Mar 2020 11:10:57 GMT
Server: NCSA/1.4.2
Age: 0
ETag: W/"47393-1585134657000"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK additional-methods.js Show response
www.nestlepromo.be/20/js/validate/ Frame A416 38 KB
11 KB 125ms
34ms Script
application/javascript 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/js/validate/additional-methods.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

34eaf08c756cd248519acb73fb69f36c36cbb9aef23ab74ed301c2b8a3c7d793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Varnish-Hits: 0
Date: Fri, 27 Mar 2020 04:14:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Mar 2020 11:10:57 GMT
Server: NCSA/1.4.2
Age: 0
ETag: W/"39117-1585134657000"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK validateDate.js Show response
www.nestlepromo.be/20/js/validate/ Frame A416 217 KB
38 KB 127ms
36ms Script
application/javascript 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/js/validate/validateDate.js?version=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

bd456ba86769041e7f82800178460c1da5846e1ab27cdaeac7b678311d48fe69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Varnish-Hits: 0
Date: Fri, 27 Mar 2020 04:14:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Mar 2020 11:10:57 GMT
Server: NCSA/1.4.2
Age: 0
ETag: W/"222207-1585134657000"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.inputmask.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/ Frame A416 74 KB
22 KB 17ms
14ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.3.4/jquery.inputmask.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d00a43e3b1c901b663bad31799b39eb483cff9bf4e03bce932128d35ce14a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 21241615
cf-ray: 57a64931f9be9730-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:20:59 GMT
server: cloudflare
etag: W/"5afd497b-128e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 17 Mar 2021 04:14:40 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.002

GET
H/1.1 200
OK player.css.cfm
www.nestlepromo.be/20/ws/css/ Frame A416 39 KB
9 KB 89ms
43ms Stylesheet
text/css 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/ws/css/player.css.cfm?questionset=true&justification=true&v=AE26D98201997A58BE7936F235920201

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

ea4e2cd3e9bce2e3248bfb81dce1ee01fda4d2290236aeb45ac06a800b322fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

X-Varnish-Hits: 0
Pragma: public
Date: Fri, 27 Mar 2020 04:14:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: NCSA/1.4.2
Age: 0
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: maxage=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block
expires: Fri, 27 Mar 2020 04:14:41 GMT

GET
H2 200 qlf_datalayer.1.4.0.min.js Show response
files.qualifio.com/static/common/js_new/qlf_datalayer/ Frame A416 2 KB
1011 B 48ms
46ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js_new/qlf_datalayer/qlf_datalayer.1.4.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

4783662c460059e829f6ed31a61eacf72a466981a793f97187c9a7a806ad5bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3621
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 7443
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jan 2020 18:04:49 GMT
server: CDN77-Turbo
etag: W/"947290876"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H/1.1 200
OK _qualifio.min.css
fonts.qualifio.com/fontawesome/css/ Frame A416 9 KB
3 KB 190ms
47ms Stylesheet
text/css 51.83.250.248
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.qualifio.com/fontawesome/css/_qualifio.min.css?v=20200502

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.83.250.248 , Poland, ASN16276 (OVH, FR),

Reverse DNS

ip-51-83-250.eu

Software

NCSA/1.4.2 /

Resource Hash

07241c03537f697e83b5fe3a35d4277d8e70e68ab71c2c9c8d5e719cdd57f902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 27 Mar 2020 04:13:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 25 Feb 2020 09:17:07 GMT
Server: NCSA/1.4.2
Age: 97
ETag: "22ec-59f62f3a76ac0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2120
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame A416 10 KB
971 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b20a8b6a4a50d4ca286b054d3dc6eb7c2870f4948802b345a9a7922bc4d83bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 04:14:40 GMT
server: ESF
date: Fri, 27 Mar 2020 04:14:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Mar 2020 04:14:40 GMT

GET
H/1.1 200
OK dateAgeCompare.js Show response
www.nestlepromo.be/20/js/ Frame A416 5 KB
1 KB 128ms
35ms Script
application/javascript 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/js/dateAgeCompare.js?v=7.72.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

fde07c4fc186e48869476370bcd4a43384ab806e9327b3ed9d2ab2a74d9323e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Varnish-Hits: 0
Date: Fri, 27 Mar 2020 04:14:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Mar 2020 11:10:57 GMT
Server: NCSA/1.4.2
Age: 0
ETag: W/"4870-1585134657000"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 style.css
files.qualifio.com/static/nestle_belgium/44A8AED7-EF99-36F5-FEFB-4629001F31A7/ Frame A416 36 KB
7 KB 466ms
464ms Stylesheet
text/css 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/nestle_belgium/44A8AED7-EF99-36F5-FEFB-4629001F31A7/style.css?v=200226123117

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

2b03e23d5274520ffb293644a8991f4a2ab46eda06e7c663d608910f102cf059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3370
x-edge-location: frankfurtDE
x-cache: REVALIDATED
status: 200
x-age: 47862
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Apr 2018 09:56:05 GMT
server: CDN77-Turbo
etag: W/"107806997"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H2 200 showhide.min.js Show response
files.qualifio.com/static/common/js/banners/ Frame A416 268 B
522 B 48ms
46ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://files.qualifio.com/static/common/js/banners/showhide.min.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

f372045a176af5d908a98bd807cf35fbcb3165d71bac093d11bfd531bfc551fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8330
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 2574
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Mar 2017 11:02:10 GMT
server: CDN77-Turbo
etag: W/"149969135"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53

GET
H/1.1 200
OK tldjs.js Show response
player.qualifio.com/20/js/validate/ Frame A416 92 KB
36 KB 34ms
34ms Script
application/javascript 54.38.36.114
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://player.qualifio.com/20/js/validate/tldjs.js

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/js/validate/jquery.validate.js?version=4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.36.114 , France, ASN16276 (OVH, FR),

Reverse DNS

ip-54-38-36.eu

Software

NCSA/1.4.2 /

Resource Hash

81fd20c2f288b1b3850e0c91e9cd5a87a61af0a4f2b1719cf0ce238d96e996bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 04:13:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Mar 2020 11:10:57 GMT
Server: NCSA/1.4.2
Age: 61
ETag: W/"94080-1585134657000"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Connection: keep-alive
X-Varnish-Hits: 13
Content-Length: 36173
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK browserinfo.cfc Show response
www.nestlepromo.be/20/s75/v1/cfc/ Frame A416 0
498 B 50ms
50ms XHR
text/xml 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/s75/v1/cfc/browserinfo.cfc?method=save&CFID=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&CFTOKEN=0

Requested by

Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Origin: https://www.nestlepromo.be
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Varnish-Hits: 0
Date: Fri, 27 Mar 2020 04:14:40 GMT
X-Content-Type-Options: nosniff
Server: NCSA/1.4.2
Return-Format: wddx
Age: 0
Content-Type: text/xml;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 7578E8A3-0CE3-C84C-79AC6EFC31FE060B.png
files.qualifio.com/library/nestle_belgium/fonds/2018/04/ Frame A416 2 MB
2 MB 66ms
66ms Image
image/png 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.qualifio.com/library/nestle_belgium/fonds/2018/04/7578E8A3-0CE3-C84C-79AC6EFC31FE060B.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

0f50656ee4ed2472ffc112714b7afc5c0f18366f9c10cb9d32a8200cff13856d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://files.qualifio.com/static/nestle_belgium/44A8AED7-EF99-36F5-FEFB-4629001F31A7/style.css?v=200226123117
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
x-content-type-options: nosniff
age: 2388
x-edge-location: frankfurtDE
x-cache: REVALIDATED
status: 200
x-age: 47863
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
content-length: 2142419
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Apr 2018 12:18:44 GMT
server: CDN77-Turbo
etag: "3872388427"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=10800
x-edge-ip: 195.181.175.53
accept-ranges: bytes

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ Frame A416 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap
Origin: https://www.nestlepromo.be
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1422833
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame A416 140 KB
33 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPH3HHC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a541ab34d27988432225e2ef91c3b32e3f999b46d84a1272e4fcdc09f783d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 33779
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Mar 2020 04:14:41 GMT

GET
H/1.1 200
OK qualp.2.min.js Show response
player.qualifio.com/kit/ Frame A416 14 KB
7 KB 29ms
29ms Script
application/javascript 54.38.36.114
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://player.qualifio.com/kit/qualp.2.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.36.114 , France, ASN16276 (OVH, FR),

Reverse DNS

ip-54-38-36.eu

Software

NCSA/1.4.2 /

Resource Hash

bc644c7a286f75f31bdbf605158b4573252c9eaa10cc44c72050bbf55713442a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 03:54:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Dec 2019 07:57:52 GMT
Server: NCSA/1.4.2
Age: 1217
ETag: "2162768700"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6332
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK keepAlive.cfm Show response
www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/ Frame A416 3 B
549 B 42ms
42ms XHR
text/html 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/keepAlive.cfm?uk=QRMDZUAXA9T&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0

Requested by

Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 0
Date: Fri, 27 Mar 2020 04:14:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: NCSA/1.4.2
Age: 0
Vary: Accept-Encoding
Content-Type: text/html;charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23
X-XSS-Protection: 1; mode=block

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ Frame A416 52 KB
14 KB 65ms
17ms Script
application/x-javascript 104.73.156.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.73.156.224 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-156-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a5f2aefa8edf62881b0b715e2e197d55cd36ce609231cf5dd8a27ef4fcf5a8cd

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 13901
last-modified: Tue, 25 Feb 2020 19:54:14 GMT
server: AkamaiNetStorage
etag: "d529f99e482c3a035b7d3317ba3de637:1582660454.235704"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 28 Mar 2020 04:14:41 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ Frame A416 241 B
444 B 76ms
29ms Script
application/x-javascript 104.73.156.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.73.156.224 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-156-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 169321e39b8feb5403c970bcefde1b1c3c29145725887ae7e590f79a92a0eed1

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:43:04 GMT
server: AkamaiNetStorage
access-control-allow-origin
etag: "76b67a5507157b786621c476655c42b7:1584142984.873861"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
status: 200
access-control-max-age: 86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 166

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/2020/ Frame A416 1 MB
25 KB 77ms
29ms Script
application/x-javascript 104.73.156.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2020/snthemes.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.73.156.224 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-156-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d7b242058315eb28206c44a6219f4003e0e4fef3496c511771c32ed9c7b15cca

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 25114
last-modified: Wed, 25 Mar 2020 14:41:35 GMT
server: AkamaiNetStorage
etag: "2fb29b168584b7b6abfd94c08fe73377:1585147295.291336"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 28 Mar 2020 04:14:41 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/2020/nestlepromo/ Frame A416 3 KB
1 KB 84ms
37ms Script
application/x-javascript 104.73.156.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2020/nestlepromo/settings.js
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.73.156.224 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-156-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ed4c7b2177fbf30c74a13d471f8e9b5d87375d763da25957dd626824f06bec5

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 1039
last-modified: Thu, 16 May 2019 10:23:43 GMT
server: AkamaiNetStorage
etag: "36c03c8783957d5a6395468abc067b12:1558002223"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 28 Mar 2020 04:14:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame A416 126 KB
30 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: sGA46J/MWdLKbpE3qjk54Qny0shbKNiDnBFyXHdh8CvyRwNjT6El0e704o3hyho7Ljr2cE47k7v5SzYhMltKzA==
x-fb-trip-id: 1850256238
date: Fri, 27 Mar 2020 04:14:41 GMT, Fri, 27 Mar 2020 04:14:41 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK store-participation Show response
www.nestlepromo.be/ Frame A416 0
186 B 33ms
33ms XHR
text/plain 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/store-participation?client_id
Requested by: Host: player.qualifio.com
URL: https://player.qualifio.com/kit/qualp.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.245.3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Sec-Fetch-Dest: empty
X-Part: -
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Mar 2020 04:14:41 GMT
Server: Varnish
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 0
X-Varnish: 676539697

GET
H2 200 1409452635879217 Show response
connect.facebook.net/signals/config/ Frame A416 447 KB
112 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1409452635879217?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68b21007e718916d21b3b8adb3b24c45ceb77498346f1c0ad2745ecff22f8de5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114919
x-xss-protection: 0
pragma: public
x-fb-debug: JbdI6RErAHhBra+6OKQOkuPGHDw/hCe4OrWYwvk/teM+tjOooalETDVB6/GRMSrMKwXRY1430apSPX8LbzaVrg==
x-fb-trip-id: 1850256238
date: Fri, 27 Mar 2020 04:14:41 GMT, Fri, 27 Mar 2020 04:14:41 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK store-participation Show response
www.nestlepromo.be/ Frame A416 36 B
267 B 33ms
30ms XHR
text/plain 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nestlepromo.be/store-participation?client_id
Requested by: Host: player.qualifio.com
URL: https://player.qualifio.com/kit/qualp.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.245.3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Varnish /
Resource Hash: b1302430eaee8051bd3b681c729d05eecf98c220310fb504c18602dace707d20

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Sec-Fetch-Dest: empty
X-Part: 308c6e86-0b1a-95dc-0f95-0a19528efb06
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 27 Mar 2020 04:14:41 GMT
Server: Varnish
ETag: 308c6e86-0b1a-95dc-0f95-0a19528efb06
X-Varnish: 674950904
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 36

POST
H/1.1 201
Created events Show response
www.nestlepromo.be/egw/ Frame A416 2 B
541 B 193ms
193ms XHR
text/plain 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/egw/events

Requested by

Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Origin: https://www.nestlepromo.be
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 27 Mar 2020 04:14:41 GMT
X-Content-Type-Options: nosniff
Server: NCSA/1.4.2
Age: 0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length: 2
X-XSS-Protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ Frame A416 44 B
260 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1409452635879217&ev=ViewContent&dl=https%3A%2F%2Fwww.nestlepromo.be%2F20%2F44A8AED7-EF99-36F5-FEFB-4629001F31A7%2Fs75%2Fv1.cfm%3Fpage%3D1%26uk%3DQRMDZUAXA9T%26noback%3Dfalse%26cfid%3Dbb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878%26cftoken%3D0%26fbappiframe%3Dfalse&rl=https%3A%2F%2Fwww.nestlepromo.be%2Fquiz%2F463237_465%2FSmiley-1-FR.html%3Futm_source%3DNewsletter%2520MWN&if=true&ts=1585282481545&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585282481544.6036087&it=1585282481507&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT, Fri, 27 Mar 2020 04:14:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Mar 2020 04:14:41 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/2020/translations/ Frame A416 2 MB
33 KB 18ms
18ms Script
application/x-javascript 104.73.156.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2020/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.73.156.224 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-156-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4aadf2d796a73e909152b0ecccafa239aa9b52ea27082d4042132570ff486bb9

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 32909
last-modified: Tue, 04 Feb 2020 18:15:56 GMT
server: AkamaiNetStorage
etag: "5ef832d91a8f5d900f5ab2898b442ec3:1580840156.067556"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 28 Mar 2020 04:14:41 GMT

GET
H2 200 fr.js Show response
c.evidon.com/sitenotice/2020/translations/ Frame A416 2 MB
34 KB 18ms
18ms Script
application/x-javascript 104.73.156.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2020/translations/fr.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.73.156.224 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-156-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 82251107bda226ae14af6db9b111ee1520c40c23fbc017a766778721f82cfff7

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 34047
last-modified: Wed, 25 Mar 2020 17:13:38 GMT
server: AkamaiNetStorage
etag: "1b6841ee8d81e908b25f11dd6aac32ac:1585156417.828326"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 28 Mar 2020 04:14:41 GMT

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ Frame A416 9 KB
3 KB 23ms
23ms Script
application/x-javascript 104.73.156.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.73.156.224 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-73-156-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 002d53fd85efd896feec6f7b9b123965be3219edf8e9b7ebbf165b633582b10f

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 2807
last-modified: Tue, 25 Feb 2020 19:54:14 GMT
server: AkamaiNetStorage
etag: "084773175d72f110848864abe5fac405:1582660454.817249"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 28 Mar 2020 04:14:41 GMT

GET
H2 204 2
l.betrad.com/site/v3/2020/15950/20/1/2/ Frame A416 0
120 B 316ms
106ms Image
text/plain 52.203.173.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/2020/15950/20/1/2/2?consent=0
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.173.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-173-113.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET
H2 204 51680
l.betrad.com/site/v3/2020/15950/20/4/2/2/ Frame A416 0
120 B 117ms
105ms Image
text/plain 52.203.173.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/2020/15950/20/4/2/2/51680?consent=0
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.173.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-173-113.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET
H2 204 51680
l.betrad.com/site/v3/2020/15950/20/1/2/2/ Frame A416 0
120 B 118ms
106ms Image
text/plain 52.203.173.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/2020/15950/20/1/2/2/51680?consent=0
Requested by: Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.173.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-173-113.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Fri, 27 Mar 2020 04:14:41 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ Frame A416 44 B
111 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1409452635879217&ev=PageView&dl=https%3A%2F%2Fwww.nestlepromo.be%2F20%2F44A8AED7-EF99-36F5-FEFB-4629001F31A7%2Fs75%2Fv1.cfm%3Fpage%3D1%26uk%3DQRMDZUAXA9T%26noback%3Dfalse%26cfid%3Dbb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878%26cftoken%3D0%26fbappiframe%3Dfalse%23top&rl=https%3A%2F%2Fwww.nestlepromo.be%2Fquiz%2F463237_465%2FSmiley-1-FR.html%3Futm_source%3DNewsletter%2520MWN&if=true&ts=1585282481932&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585282481544.6036087&it=1585282481507&coo=false&rqm=GET

Requested by

Host: www.nestlepromo.be
URL: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 04:14:41 GMT, Fri, 27 Mar 2020 04:14:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Mar 2020 04:14:41 GMT

GET
H/1.1 200
OK _ajax_get_querystring.cfm Show response
www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1/ Frame A416 0
585 B 44ms
44ms XHR
text/html 54.38.245.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1/_ajax_get_querystring.cfm?uk=QRMDZUAXA9T&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&ref=https%3A%2F%2Fwww.nestlepromo.be%2Fquiz%2F463237_465%2FSmiley-1-FR.html%3Futm_source%3DNewsletter%2520MWN

Requested by

Host: files.qualifio.com
URL: https://files.qualifio.com/static/common/js/jquery/1.11.3/jquery.min.js?v=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.38.245.3 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Hits: 0
Date: Fri, 27 Mar 2020 04:14:41 GMT
X-Content-Type-Options: nosniff
Server: NCSA/1.4.2
Age: 0
Content-Type: text/html;charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK events Show response
sococakciwibib.k8s.qualif.io/intake/v2/rum/ 0
476 B 475ms
97ms XHR
text/plain 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sococakciwibib.k8s.qualif.io/intake/v2/rum/events

Requested by

Host: files.qualifio.com
URL: https://files.qualifio.com/kit/elastic-apm-opentracing.umd.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.89.119.165 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

NCSA/1.4.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nestlepromo.be
Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Fri, 27 Mar 2020 04:14:42 GMT
X-Content-Type-Options: nosniff
Server: NCSA/1.4.2
Age: 0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://www.nestlepromo.be
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type, Content-Encoding, Accept
Connection: keep-alive
Accept-Ranges: bytes
Vary: Origin
Content-Length: 0
X-XSS-Protection: 1; mode=block

POST
H/1.1 202
Accepted events Show response
sococakciwibib.k8s.qualif.io/intake/v2/rum/ 0
157 B 113ms
113ms XHR
text/plain 51.89.119.165
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sococakciwibib.k8s.qualif.io/intake/v2/rum/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.119.165 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nestlepromo.be/quiz/463237_465/Smiley-1-FR.html?utm_source=Newsletter%20MWN
Origin: https://www.nestlepromo.be
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-ndjson

Response headers

Access-Control-Allow-Origin: https://www.nestlepromo.be
Date: Fri, 27 Mar 2020 04:14:43 GMT
Connection: close
Content-Length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame A416 44 B
157 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1409452635879217&ev=Microdata&dl=https%3A%2F%2Fwww.nestlepromo.be%2F20%2F44A8AED7-EF99-36F5-FEFB-4629001F31A7%2Fs75%2Fv1.cfm%3Fpage%3D1%26uk%3DQRMDZUAXA9T%26noback%3Dfalse%26cfid%3Dbb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878%26cftoken%3D0%26fbappiframe%3Dfalse%23top&rl=https%3A%2F%2Fwww.nestlepromo.be%2Fquiz%2F463237_465%2FSmiley-1-FR.html%3Futm_source%3DNewsletter%2520MWN&if=true&ts=1585282483047&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Smiley%20NPS%20NL%20Nestl%C3%A9%20-%20FR%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1585282481544.6036087&it=1585282481507&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 04:14:43 GMT, Fri, 27 Mar 2020 04:14:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Mar 2020 04:14:43 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nestlepromo.be/	1970-01-19 10:30:58	Name: _fbp Value: fb.1.1585282481544.6036087
www.nestlepromo.be/	1970-01-19 08:24:15	Name: UTM Value: C5FC46B9-10C9-4F83-9A8FB3FCD0C72D0F
www.nestlepromo.be/	1970-01-19 09:04:34	Name: cftoken Value: 0
www.nestlepromo.be/	1970-01-19 09:04:34	Name: cfid Value: 1c373a62-5b91-4aa1-8337-15336f7b6a3a
www.nestlepromo.be/quiz/463237_465	1970-01-19 08:21:23	Name: _qual_restore_44A8AED7-EF99-36F5-FEFB-4629001F31A7 Value: https://www.nestlepromo.be/20/44A8AED7-EF99-36F5-FEFB-4629001F31A7/s75/v1.cfm?page=1&uk=QRMDZUAXA9T&noback=false&cfid=bb2330e6-3ab2-4f1d-bf44-f2bdc9f6f878&cftoken=0&fbappiframe=false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.evidon.com
cdnjs.cloudflare.com
connect.facebook.net
files.qualifio.com
fonts.googleapis.com
fonts.gstatic.com
fonts.qualifio.com
l.betrad.com
player.qualifio.com
sococakciwibib.k8s.qualif.io
touch-agency.emsecure.net
www.facebook.com
www.googletagmanager.com
www.nestlepromo.be
104.73.156.224
194.213.114.167
195.181.175.55
2606:4700::6811:4104
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
51.83.250.248
51.89.119.165
52.203.173.113
54.38.245.3
54.38.36.114
002d53fd85efd896feec6f7b9b123965be3219edf8e9b7ebbf165b633582b10f
02f64c74ff5e979f732ec1dd218f431befb7967df00ff11dba6a070a5d961ada
07241c03537f697e83b5fe3a35d4277d8e70e68ab71c2c9c8d5e719cdd57f902
0f50656ee4ed2472ffc112714b7afc5c0f18366f9c10cb9d32a8200cff13856d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11578b6e7afc3a18b6c21a953875c3670b822fff5c7bfa7119ad30186d2c29cf
169321e39b8feb5403c970bcefde1b1c3c29145725887ae7e590f79a92a0eed1
1d00a43e3b1c901b663bad31799b39eb483cff9bf4e03bce932128d35ce14a9a
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2b03e23d5274520ffb293644a8991f4a2ab46eda06e7c663d608910f102cf059
34eaf08c756cd248519acb73fb69f36c36cbb9aef23ab74ed301c2b8a3c7d793
4783662c460059e829f6ed31a61eacf72a466981a793f97187c9a7a806ad5bcd
4aadf2d796a73e909152b0ecccafa239aa9b52ea27082d4042132570ff486bb9
4ed4c7b2177fbf30c74a13d471f8e9b5d87375d763da25957dd626824f06bec5
4f446bc4b1705571b23e4a1f21d19400ec7c51e7b315248c61e1a0c3aa6abeeb
53709c84feb7b82b1c106ee9b461b109c4fe37a6210a984d6b2d44ed1de49fa1
5474ee8921895995993d2e2360f6fb9ade26aab74d749c68823e23b6ae562808
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a541ab34d27988432225e2ef91c3b32e3f999b46d84a1272e4fcdc09f783d4b
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
68b21007e718916d21b3b8adb3b24c45ceb77498346f1c0ad2745ecff22f8de5
81fd20c2f288b1b3850e0c91e9cd5a87a61af0a4f2b1719cf0ce238d96e996bd
82251107bda226ae14af6db9b111ee1520c40c23fbc017a766778721f82cfff7
92bb04a652129679f5d8e5f40492ceeeb701c74cd09a45c6b16e1b1da5e23e0c
98237216cc0a94410379b8a8ab8036429be995d0b07fba916b4a2e97b383b63d
9825531d5b00159fcd4e0042f3b5f4fc2eb147cb9974bb54fb20a0d68a763c65
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5421846ea8b19550ff03785d18e15f700fb56b82d79379856056ae59fc28478
a5f2aefa8edf62881b0b715e2e197d55cd36ce609231cf5dd8a27ef4fcf5a8cd
ac2d7c342e77f920f000e32b137e5d7f3b4701fa2923153c4f330b0456dc6e73
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1302430eaee8051bd3b681c729d05eecf98c220310fb504c18602dace707d20
b20a8b6a4a50d4ca286b054d3dc6eb7c2870f4948802b345a9a7922bc4d83bb0
bc644c7a286f75f31bdbf605158b4573252c9eaa10cc44c72050bbf55713442a
bd456ba86769041e7f82800178460c1da5846e1ab27cdaeac7b678311d48fe69
c4242001d22f6a186deb334a84335af0717f5c1f7e2793f123a8a415c99911aa
ccb23e1a2db26ee07f297182c83b83eaedc5a5cc92de9dd9a15990ed2dce5877
d7b242058315eb28206c44a6219f4003e0e4fef3496c511771c32ed9c7b15cca
dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22
e34c0cc1e6cfafa9dd2cf20f1c77d0ffaf293aeb9745cc7d53670e0100f8381d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4e2cd3e9bce2e3248bfb81dce1ee01fda4d2290236aeb45ac06a800b322fe9
f372045a176af5d908a98bd807cf35fbcb3165d71bac093d11bfd531bfc551fe
fba8a618ef77fbc5cebc12ca68497499f595c802a29a24863fc9fcc1f56592a6
fde07c4fc186e48869476370bcd4a43384ab806e9327b3ed9d2ab2a74d9323e4

www.nestlepromo.be Open in urlscan Pro 54.38.245.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

57 Requests

100 %HTTPS

43 %IPv6

12 Domains

14 Subdomains

13 IPs

7 Countries

3871 kBTransfer

10666 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nestlepromo.be Open in urlscan Pro
54.38.245.3 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

14
Subdomains

13
IPs

7
Countries

3871 kB
Transfer

10666 kB
Size

5
Cookies

57 HTTP transactions
0 data transactions