Server | Cowboy |
Connection | keep-alive |
Strict-Transport-Security | max-age=631152000; includeSubdomains; preload |
Content-Type | text/html; charset=utf-8 |
X-Ua-Compatible | IE=Edge,chrome=1 |
Etag | "1dbfab076c0f25a63cc67e1b72f18acb" |
Cache-Control | max-age=0, private, must-revalidate |
X-Request-Id | aa05026d-227e-4c00-8a32-14bf11c3e2c3 |
X-Runtime | 0.040429 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
X-Rack-Cache | miss |
Content-Security-Policy | default-src https: 'self' d3sjx7m1rsw5t2.cloudfront.net dqj10xx5f7mrr.cloudfront.net listminut-experiment-assets.s3.amazonaws.com *.optimizely.com ss42phpnet.phpnet.org; child-src 'self' player.vimeo.com payment.hipay.com test-payment.hipay.com www.youtube.com www.google.com www.google.be *.optimizely.com secure.ogone.com www.kbc.be www.cbc.be secure-gateway.hipay-tpp.com payment-web.sips-atos.com platform.twitter.com syndication.twitter.com *.facebook.com *.talkgadget.google.com *.stripe.com *.ing.be *.g.doubleclick.net *.visiturn.com; connect-src wss: 'self' dqj10xx5f7mrr.cloudfront.net listminut-experiment-assets.s3.amazonaws.com ws://dqj10xx5f7mrr.cloudfront.net ws://listminut-experiment-assets.s3.amazonaws.com api.rollbar.com *.hotjar.com *.intercom.io *.log.optimizely.com *.inspectlet.com *.stripe.com agilecrm.s3.amazonaws.com *.visiturn.com; font-src 'self' dqj10xx5f7mrr.cloudfront.net listminut-experiment-assets.s3.amazonaws.com d3sjx7m1rsw5t2.cloudfront.net data: *.gstatic.com cdnjs.cloudflare.com *.intercomcdn.com; img-src 'self' data: dqj10xx5f7mrr.cloudfront.net listminut-experiment-assets.s3.amazonaws.com listminutv3-prod-assets.s3.amazonaws.com d3sjx7m1rsw5t2.cloudfront.net listminut.be cidoum.s3.amazonaws.com *.gstatic.com *.googleapis.com www.google-analytics.com www.google.com pci.usd.de code.jquery.com *.facebook.com scontent.xx.fbcdn.net my.clickdesk.com s3.amazonaws.com d1gwclp1pmzk26.cloudfront.net d25wh3ilibgxb0.cloudfront.net contactuswidget.appspot.com stats.g.doubleclick.net *.log.optimizely.com js.intercomcdn.com cdn.ckeditor.com www.google.be *.inspectlet.com *.stripe.com pbs.twimg.com *.chiens-chats.be *.toutoublog.com *.gralon.net *.seniorsavotreservice.com *.ldh.be cluster015.ovh.net ss42phpnet.phpnet.org *.visiturn.com; media-src https: 'self' d3sjx7m1rsw5t2.cloudfront.net dqj10xx5f7mrr.cloudfront.net listminut-experiment-assets.s3.amazonaws.com js.intercomcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' dqj10xx5f7mrr.cloudfront.net listminut-experiment-assets.s3.amazonaws.com d3sjx7m1rsw5t2.cloudfront.net cdnjs.cloudflare.com cdn.ckeditor.com cdn.jsdelivr.net ajax.cloudflare.com code.jquery.com code.highcharts.com js-agent.newrelic.com bam.nr-data.net connect.facebook.net my.clickdesk.com d1gwclp1pmzk26.cloudfront.net d3dy5gmtp8yhk7.cloudfront.net clickdeskvisitors.appspot.com www.google-analytics.com www.googleadservices.com *.googleapis.com *.hotjar.com *.optimizely.com *.intercom.io js.intercomcdn.com *.stripe.com cdn.inspectlet.com platform.twitter.com graph.facebook.com talkgadget.google.com d37gvrvc0wt4s1.cloudfront.net *.visiturn.com; style-src 'self' fonts.googleapis.com 'unsafe-inline' code.jquery.com cdnjs.cloudflare.com dqj10xx5f7mrr.cloudfront.net d3sjx7m1rsw5t2.cloudfront.net d1gwclp1pmzk26.cloudfront.net cdn.ckeditor.com *.stripe.com *.visiturn.com |
Referrer-Policy | origin-when-cross-origin |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Permitted-Cross-Domain-Policies | none |
X-Xss-Protection | 1; mode=block |
Transfer-Encoding | chunked |
Via | 1.1 vegur |