Server | Apache |
Last-Modified | Tue, 13 Feb 2018 14:42:54 GMT |
Accept-Ranges | bytes |
X-UA-Compatible | IE=edge |
X-Frame-Options | ALLOW-FROM=http://app.vwo.com/ |
Content-Security-Policy | default-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ http://app.vwo.com/ ; media-src 'self'; font-src 'self' https://www.ingdirect.fr/assets/fonts/ https://app.vwo.com/assets/fonts/ https://fonts.gstatic.com/ ; object-src 'self'; connect-src 'self' https://www.google-analytics.com/r/collect https://www.ingdirect.fr/ https://services.opcvm360.com/api-v1/ https://cr-input.mxpnl.net/; img-src 'self' https://www.google.com/ads/ https://news.ing.be/newsingbeimages/assets/ https://stats.g.doubleclick.net/r/collect/ data: http://chart.googleapis.com/ http://*.visualwebsiteoptimizer.com/ www.ingdirect.fr www.google-analytics.com ssl.google-analytics.com https://syndication.twitter.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.ampproject.org/ https://s.ytimg.com/yts/jsbin/ https://www.youtube.com/iframe_api http://www.youtube.com/iframe_api https://app.vwo.com/visitor-behavior-analysis/ https://www.google.com/jsapi http://b.mxpnl.net/cs/ http://trendtext.eu/metric/ http://trendtext.eu/ https://cse.google.com/cse/brand http://www.ingdirect.fr www.google-analytics.com ssl.google-analytics.com www.google.com platform.twitter.com connect.facebook.net apis.google.com http://d5phz18u4wuww.cloudfront.net/ http://*.visualwebsiteoptimizer.com/ code.jquery.com; frame-src https://app.vwo.com/visitor-behavior-analysis/ https://fls.doubleclick.net/ https://*.fls.doubleclick.net/ http://www.youtube.com/embed/ https://www.youtube.com/embed/ http://www.google.com/cse https://cse.google.com/cse; child-src 'self' https://cse.google.com/cse http://cse.google.com https://*.doubleclick.net https://*.youtube.com http://*.youtube.com https://apis.google.com/ http://www.google.com https://www.google.com http://r.turn.com https://r.turn.com http://platform.twitter.com/widgets https://accounts.google.com https://s-static.ak.facebook.com http://www.facebook.com/plugins; |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Vary | Accept-Encoding |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Cache-Control | no-transform, max-age=7193 |
Expires | Wed, 21 Feb 2018 21:58:50 GMT |
Connection | keep-alive |