server: |
nginx |
date: |
Wed, 09 Oct 2024 01:44:31 GMT |
content-type: |
text/html; charset=UTF-8 |
transfer-encoding: |
chunked |
connection: |
close |
cache-control: |
must-revalidate, no-cache, private |
x-ua-compatible: |
IE=edge |
content-language: |
nl |
expires: |
Sun, 19 Nov 1978 05:00:00 GMT |
access-control-allow-origin: |
* |
content-security-policy: |
default-src 'self' *.orange.be *.google.es *.abtasty.com *.fontawesome.com *.typekit.net *.digitalchannels.technology cdn.jsdelivr.net *.cookielaw.org *.googletagmanager.com *.optimizegoogle.com *.optimize-google.com *.googleanalytics.com *.google-analytics.com *.newrelic.com *.onetrust.com *.hotjar.com *.adbutter.net *.adnxs.com *.doubleclick.net *.amazon-adsystem.com brand-messenger.app.khoros.com *.khoros.com ssl://brandmessenger-ws.euw1.khoros.com:8883 proactive-chat-server-eu.prod.aws.lcloud.com messaging-auth-eu-west-1.prod.aws.lcloud.com; script-src blob: 'self' 'unsafe-inline' 'unsafe-eval' * https://optimize.google.com https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://googleads.g.doubleclick.net https://script.hotjar.com https://connect.facebook.net https://www.googleadservices.com http//www.googleadservices.com https://static.hotjar.com https://trk.adbutter.net https://accounts.google.com https://www.googleanalytics.com https://www.googleoptimize.com *.customersaas.com t.contentsquare.net contentsquare.com *.emsecure.net *.customersaas.com *.orange.be *.netdna-ssl.com blob: *.abtasty.com *.googleapis.com https://assets.pinterest.com https://widgets.pinterest.com; object-src 'self' *.mobistar.be *.orange.be *.netdna-ssl.com; style-src 'unsafe-inline' 'self' https://optimize.google.com https://fonts.googleapis.com *.mobistar.be *.cloudfront.net *.customersaas.com *.orange.be *.netdna-ssl.com cdnjs.cloudflare.com *.gstatic.com *.abtasty.com *.googleapis.com messaging-khoros.app.khoros.com cdn.jsdelivr.net *.typekit.net *.googletagmanager.com; img-src * blob: https://optimize.google.com *.orange.be https://www.facebook.com https://www.google.com https://www.google.es https://static.hotjar.com *.fls.doubleclick.net https://brand-messenger.app.khoros.com *.adnxs.com https://p1.zemanta.com https://aax-eu.amazon-adsystem.com https://www.google-analytics.com *.googletagmanager.com data: *.abtasty.com *.amazonaws.com *.cloudfront.net *.contentsquare.net https://i.pinimg.com https://log.pinterest.com; media-src 'self' data: *.mobistar.be *.orange.be *.netdna-ssl.com https://v.pinimg.com; frame-src 'self' https://optimize.google.com * emsecure.net *.orange.be https://assets.pinterest.com; font-src 'self' https://fonts.gstatic.com *.mobistar.be *.customersaas.com *.orange.be cdn.livechatinc.com themes.googleusercontent.com *.netdna-ssl.com blob: data: *.googleapis.com *.gstatic.com *.abtasty.com brand-messenger.app.khoros.com messaging-khoros.app.khoros.com *.typekit.net *.fontawesome.com; connect-src 'self' *.googlesyndication.com *.gstatic.com w998baawd3-dsn.algolia.net uq5v1rcrhz-dsn.algolia.net *.algolianet.com insights.algolia.io *.cloudfront.net *.tealiumiq.com *.usabilla.com *.emsecure.net *.customersaas.com wss://*.khoros.com wss://*.khorostech.com *.eshop.orange.be *.orange.be *.digitalchannels.technology *.mousestats.com secure.comparecycle.com *.abtasty.com *.contentsquare.net *.smooch.io *.slgnt.eu *.google-analytics.com *.prod.aws.lcloud.com *.typekit.net cdn.jsdelivr.net *.nr-data.net cdnjs.cloudflare.com *.google.com *.google.es *.google.be *.fontawesome.com *.cookielaw.org *.onetrust.com *.hotjar.com *.adbutter.net *.adnxs.com *.doubleclick.net *.newrelic.com wss://*.hotjar.com *.googletagmanager.com *.ipify.org px.ads.linkedin.com *.zemanta.com *.googleadservices.com *.facebook.net *.facebook.com *.hotjar.io *.amazon-adsystem.com browser-update.org *.googleapis.com *.tiqcdn.com *.teads.tv *.pinterest.com *.taboola.com *.clarity.ms *.gsitrix.com *.adensemble.com *.cookieless-data.com bbd-tag.de admaxium.com *.perfectaudiencertg.com *.netdna-ssl.com *.twitter.com *.bing.com *.pinimg.com *.licdn.com https://static.ads-twitter.com https://js.adsrvr.org https://img.netaffiliation.com https://files.qualifio.com *.khoros.com; frame-ancestors 'self' https://mobile.kbc-group.com https://kbctouch.kbc.be https://cbctouch.cbc.be https://touch.kbcbrussels.be https://mobileyoungsterapp.kbc-group.com ; |
referrer-policy: |
strict-origin-when-cross-origin |
strict-transport-security: |
max-age=31536000; includeSubDomains |
x-content-type-options: |
nosniff |
x-frame-options: |
ALLOW-FROM *.mobistar.be *.orange.be *.optimizely.com mobile.kbc-group.com mobileyoungsterapp.kbc-group.com kbctouch.kbc.be cbctouch.cbc.be touch.kbcbrussels.be |
x-xss-protection: |
1; mode=block |
surrogate-control: |
no-store, content="BigPipe/1.0" |
set-cookie: |
language=nl; expires=Thu, 09-Oct-2025 01:44:28 GMT; Max-Age=31535997; path=/; domain=.orange.be; secure; samesite=lax,visid_incap_2191806=Dm9WbnbcRgKiyvaL6Q416PvfBWcAAAAAQUIPAAAAAABnPYrRYtALE3NOr1suNlgh; expires=Wed, 08 Oct 2025 15:38:30 GMT; HttpOnly; path=/; Domain=.orange.be,nlbi_2191806=UepqAAV5lCaHN6RLrEmb5gAAAACWKWro8HkgPhyvKOXZWsLP; HttpOnly; path=/; Domain=.orange.be,incap_ses_775_2191806=CTxfTH7Df12tnQbIh1rBCv/fBWcAAAAAMYhhucEmxGbzRkhg0J89Vg==; path=/; Domain=.orange.be |
vary: |
Accept-Encoding |
x-request-id: |
v-0586ba80-85e0-11ef-aeda-c7d0300cccc5 |
x-ah-environment: |
prod |
age: |
0 |
via: |
varnish |
x-cache: |
MISS |
accept-ranges: |
bytes |
x-cdn: |
Imperva |
x-iinfo: |
5-37562013-37562022 NNNN CT(128 258 0) RT(1728438267141 109) q(0 0 4 1) r(38 39) U24 |