X-Content-Type-Options: nosniff
X-AH-Environment: 01live
X-Varnish: 1157136706 1157136188
Transfer-Encoding: chunked
X-Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-inline' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.fusepump.com *.nr-data.net *.googleapis.com *.google-analytics.com *.clic2buy.com *.pump.to *.betrad.com *.evidon.com *.googletagmanager.com https://nestle.gigya.com https://cdns.eu1.gigya.com *.amazonaws.com; object-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.googleapis.com *.fusepump.com *.clic2buy.com *.google-analytics.com *.pump.to *.betrad.com *.evidon.com https://nestle.gigya.com https://cdns.eu1.gigya.co *.amazonaws.com; img-src 'self' 'unsafe-inline' blob: data: *.gigya.com *.jsdelivr.net *.gstatic.com *.fusepump.com *.clic2buy.com *.google-analytics.com *.pump.to *.betrad.com *.evidon.com https://nestle.gigya.com https://cdns.eu1.gigya.com *.amazonaws.com; media-src 'self' 'unsafe-inline'; frame-src 'self' 'unsafe-inline' *.youtube.com *.gigya.com *.betrad.com *.evidon.com https://cdns.gigya.com https://nestle.gigya.com https://cdns.eu1.gigya.com; font-src 'self' 'unsafe-inline' *.bootstrapcdn.com *.jsdelivr.net *.googleapis.com *.gstatic.com *.betrad.com *.evidon.com; connect-src 'self' 'unsafe-inline' *.fusepump.com *.clic2buy.com *.amazonaws.com; report-uri /admin/config/system/seckit/csp-report
Vary: Cookie,Accept-Encoding
X-Cache: HIT
Server: cloudflare-nginx
Last-Modified: Fri, 09 Jun 2017 14:44:41 GMT
Via: 1.1 varnish
Connection: keep-alive
X-WebKit-CSP-Report-Only: default-src 'self' 'unsafe-inline' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.fusepump.com *.nr-data.net *.googleapis.com *.google-analytics.com *.clic2buy.com *.pump.to *.betrad.com *.evidon.com *.googletagmanager.com https://nestle.gigya.com https://cdns.eu1.gigya.com *.amazonaws.com; object-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.googleapis.com *.fusepump.com *.clic2buy.com *.google-analytics.com *.pump.to *.betrad.com *.evidon.com https://nestle.gigya.com https://cdns.eu1.gigya.co *.amazonaws.com; img-src 'self' 'unsafe-inline' blob: data: *.gigya.com *.jsdelivr.net *.gstatic.com *.fusepump.com *.clic2buy.com *.google-analytics.com *.pump.to *.betrad.com *.evidon.com https://nestle.gigya.com https://cdns.eu1.gigya.com *.amazonaws.com; media-src 'self' 'unsafe-inline'; frame-src 'self' 'unsafe-inline' *.youtube.com *.gigya.com *.betrad.com *.evidon.com https://cdns.gigya.com https://nestle.gigya.com https://cdns.eu1.gigya.com; font-src 'self' 'unsafe-inline' *.bootstrapcdn.com *.jsdelivr.net *.googleapis.com *.gstatic.com *.betrad.com *.evidon.com; connect-src 'self' 'unsafe-inline' *.fusepump.com *.clic2buy.com *.amazonaws.com; report-uri /admin/config/system/seckit/csp-report
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-inline' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.fusepump.com *.nr-data.net *.googleapis.com *.google-analytics.com *.clic2buy.com *.pump.to *.betrad.com *.evidon.com *.googletagmanager.com https://nestle.gigya.com https://cdns.eu1.gigya.com *.amazonaws.com; object-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' *.newrelic.com *.jquery.com *.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *.gigya.com *.googleapis.com *.fusepump.com *.clic2buy.com *.google-analytics.com *.pump.to *.betrad.com *.evidon.com https://nestle.gigya.com https://cdns.eu1.gigya.co *.amazonaws.com; img-src 'self' 'unsafe-inline' blob: data: *.gigya.com *.jsdelivr.net *.gstatic.com *.fusepump.com *.clic2buy.com *.google-analytics.com *.pump.to *.betrad.com *.evidon.com https://nestle.gigya.com https://cdns.eu1.gigya.com *.amazonaws.com; media-src 'self' 'unsafe-inline'; frame-src 'self' 'unsafe-inline' *.youtube.com *.gigya.com *.betrad.com *.evidon.com https://cdns.gigya.com https://nestle.gigya.com https://cdns.eu1.gigya.com; font-src 'self' 'unsafe-inline' *.bootstrapcdn.com *.jsdelivr.net *.googleapis.com *.gstatic.com *.betrad.com *.evidon.com; connect-src 'self' 'unsafe-inline' *.fusepump.com *.clic2buy.com *.amazonaws.com; report-uri /admin/config/system/seckit/csp-report
X-Request-ID: v-2b936326-4d22-11e7-a415-02b805b77741
X-Drupal-Cache: MISS
HTTP/1.1 200 OK
X-Frame-Options: Allow-From: cdnjs.cloudflare.com
P3P: CP="CURa ADMa OUR UNI INT STA PRE COM NAV NOI COR ONL"
Link: <https://www.nesquikstudios.fr/>; rel="canonical",<https://www.nesquikstudios.fr/>; rel="shortlink"
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
CF-RAY: 36c4e7c85d3826ba-FRA
Age: 367
X-UA-Device: pc
Cache-Control: public, max-age=3600
Date: Fri, 09 Jun 2017 14:50:49 GMT
Set-Cookie: __cfduid=db0e023eac15aabf9d802ead93588fa301497019849; expires=Sat, 09-Jun-18 14:50:49 GMT; path=/; domain=.nesquikstudios.fr; HttpOnly
X-Cache-Hits: 31
Content-Language: fr