Server | Cowboy |
Connection | keep-alive |
Strict-Transport-Security | max-age=631152000; includeSubdomains; preload |
Content-Type | text/html; charset=utf-8 |
X-Ua-Compatible | IE=Edge,chrome=1 |
Etag | "70198a20a38ea4f17af2c2214daaaf53" |
Cache-Control | max-age=0, private, must-revalidate |
X-Request-Id | 4303023e-f672-4826-b5cf-a9fe73844514 |
X-Runtime | 0.072602 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
X-Rack-Cache | miss |
Content-Security-Policy | default-src https: 'self' d3sjx7m1rsw5t2.cloudfront.net *.optimizely.com ss42phpnet.phpnet.org; child-src 'self' player.vimeo.com payment.hipay.com test-payment.hipay.com www.youtube.com www.google.com www.google.be *.optimizely.com secure.ogone.com www.kbc.be www.cbc.be secure-gateway.hipay-tpp.com payment-web.sips-atos.com platform.twitter.com syndication.twitter.com *.facebook.com *.talkgadget.google.com *.stripe.com *.ing.be *.g.doubleclick.net; connect-src wss: 'self' d3sjx7m1rsw5t2.cloudfront.net ws://d3sjx7m1rsw5t2.cloudfront.net api.rollbar.com *.hotjar.com fl.paymill.de *.intercom.io *.log.optimizely.com *.inspectlet.com *.stripe.com agilecrm.s3.amazonaws.com *.getsmartlook.com *.smartlook.com; font-src 'self' d3sjx7m1rsw5t2.cloudfront.net data: *.gstatic.com cdnjs.cloudflare.com *.intercomcdn.com; img-src 'self' data: d3sjx7m1rsw5t2.cloudfront.net listminutv3-prod-assets.s3.amazonaws.com listminut.be cidoum.s3.amazonaws.com *.gstatic.com *.googleapis.com www.google-analytics.com www.google.com pci.usd.de code.jquery.com *.facebook.com scontent.xx.fbcdn.net my.clickdesk.com s3.amazonaws.com d1gwclp1pmzk26.cloudfront.net d25wh3ilibgxb0.cloudfront.net contactuswidget.appspot.com stats.g.doubleclick.net *.log.optimizely.com js.intercomcdn.com cdn.ckeditor.com www.google.be *.inspectlet.com *.stripe.com pbs.twimg.com *.chiens-chats.be *.toutoublog.com *.gralon.net *.seniorsavotreservice.com *.aquadesign.be *.ldh.be cluster015.ovh.net ss42phpnet.phpnet.org www.jardinature.net; media-src https: 'self' d3sjx7m1rsw5t2.cloudfront.net js.intercomcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' d3sjx7m1rsw5t2.cloudfront.net cdnjs.cloudflare.com cdn.ckeditor.com cdn.jsdelivr.net ajax.cloudflare.com code.jquery.com code.highcharts.com js-agent.newrelic.com bam.nr-data.net connect.facebook.net my.clickdesk.com d1gwclp1pmzk26.cloudfront.net d3dy5gmtp8yhk7.cloudfront.net clickdeskvisitors.appspot.com www.google-analytics.com www.googleadservices.com *.googleapis.com *.hotjar.com *.optimizely.com *.paymill.com *.paymill.de *.intercom.io js.intercomcdn.com *.stripe.com cdn.inspectlet.com platform.twitter.com graph.facebook.com talkgadget.google.com d37gvrvc0wt4s1.cloudfront.net *.smartlook.com; style-src 'self' 'unsafe-inline' code.jquery.com cdnjs.cloudflare.com d3sjx7m1rsw5t2.cloudfront.net fonts.googleapis.com d1gwclp1pmzk26.cloudfront.net cdn.ckeditor.com *.stripe.com |
Referrer-Policy | origin-when-cross-origin |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Permitted-Cross-Domain-Policies | none |
X-Xss-Protection | 1; mode=block |
Transfer-Encoding | chunked |
Via | 1.1 vegur |