| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Xss-Protection | 1; mode=block |
| Strict-Transport-Security | max-age=31536000; |
| X-Cache | Miss from cloudfront |
| Via | 1.1 05ef36e101d185586daa8fc331b01c84.cloudfront.net (CloudFront) |
| X-Ua-Compatible | IE=edge |
| X-Content-Type-Options | nosniff |
| Vary | Cookie,Accept-Encoding,User-Agent |
| X-Amz-Cf-Id | H3ou6FxwlPGmJ8kY40EisBa_QgYL9aLABSA1kVe3cwOn_D18x1LkBQ== |
| Set-Cookie | TS01418b58=01f53c544ed36e7c3f881e594e2387ce21a9f67708732c1103b5d649851426bdc944844cd755252d6730e668160ccd23c274a54f798a677616c6d242e68646e26087c067be; Path=/; Domain=.www.bpost.be |
| X-Drupal-Cache | HIT |
| Last-Modified | Mon, 07 Apr 2025 11:49:54 GMT |
| Connection | keep-alive |
| Cache-Control | max-age=86400, public |
| X-Drupal-Dynamic-Cache | UNCACHEABLE |
| Permissions-Policy | interest-cohort=() |
| Expires | Sun, 19 Nov 1978 05:00:00 GMT |
| Content-Security-Policy | default-src 'self' blob: *.crazyegg.com *.screeb.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.googleoptimize.com www.google-analytics.com cdn.jsdelivr.net maxcdn.bootstrapcdn.com cdnjs.cloudflare.com mimo84.github.io bpaid.unfyd.com bpost2.unfyd.com www.google.com www.gstatic.com cdn.rawgit.com tagmanager.google.com optanon.blob.core.windows.net cdn.cookielaw.org code.jquery.com ajax.googleapis.com w.usabilla.com www.bpost2.be http://bpost2.be maps.googleapis.com connect.facebook.net s.pinimg.com img.en25.com api.usabilla.com d6tizftlrpuof.cloudfront.net bpost.wikafi.be bat.bing.com geolocation.onetrust.com static.addtoany.com *.licdn.com *.linkedin.com hello.bpost.be static.zdassets.com unpkg.com mktdplp102cdn.azureedge.net oc-cdn-public-eur.azureedge.net msft-lcw-trial.azureedge.net https://deploy.mopinion.com/js/pastease.js https://collect.mopinion.com *.crazyegg.com *.screeb.app *.survicate.com *.urlgeni.us *.surveysparrow.com *.heap-api.com *.clarity.ms; object-src 'self' bpaid.unfyd.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net maxcdn.bootstrapcdn.com cdnjs.cloudflare.com mimo84.github.io fonts.googleapis.com bpaid.unfyd.com bpost2.unfyd.com bpost2.unfyd.com www.google.com optanon.blob.core.windows.net tagmanager.google.com www.bpost2.be bpost2.be cdn.cookielaw.org d6tizftlrpuof.cloudfront.net bpost.wikafi.be bat.bing.com static.addtoany.com oc-cdn-public-eur.azureedge.net msft-lcw-trial.azureedge.net 'self' 'unsafe-inline' *.crazyegg.com *.survicate.com www.googletagmanager.com; img-src 'self' www.google-analytics.com cdnjs.cloudflare.com www.googletagmanager.com www.w3.org bpaid.unfyd.com bpost2.unfyd.com www.bpost.be faq.bpost.cloud www.google.com cdn.rawgit.com raw.githubusercontent.com ssl.gstatic.com www.gstatic.com lh3.googleusercontent.com www.bpost2.be bpost2.be fonts.gstatic.com d6tizftlrpuof.cloudfront.net ct.pinterest.com www.facebook.com www.google.be cdn.cookielaw.org w.usabilla.com hello.bpost.be www.w3.org cdn.cookielaw.org maps.gstatic.com maps.googleapis.com data: d6tizftlrpuof.cloudfront.net www.facebook.com hello.bpost.be bpost.wikafi.be bat.bing.com *.linkedin.com static.addtoany.com bgt.bpost.be 538835779d824008aefa55a061aa72cc.svc.dynamics.com svc.dynamics.com dynamics.com dynamics.com/t/v/ 538835779d824008aefa55a061aa72cc.svc.dynamics.com/t/v/ oc-cdn-public-eur.azureedge.net msft-lcw-trial.azureedge.net *.crazyegg.com *.clarity.ms; frame-src 'self' bpaid.unfyd.com www.google.com www.bpost2.be pass.bpost.be preprints.taxipost.net maf.taxipost.net www.youtube.com youtube.com www.bpost.be campaigns.bpost2.be www.facebook.com bpost2.be d6tizftlrpuof.cloudfront.net http://www.bpost.be www.facebook.com bpost.wikafi.be d30o8tpw3q5jvi.cloudfront.net dmc.bpost.cloud news.bpost.be player.vimeo.com static.addtoany.com 11319605.fls.doubleclick.net oc-cdn-public-eur.azureedge.net msft-lcw-trial.azureedge.net *.crazyegg.com *.dynamics.com *.surveysparrow.com youtu.be *.usabilla.com www.googletagmanager.com; frame-ancestors 'self' http://oas-pr.netpost; child-src 'self' blob:; font-src 'self' fonts.gstatic.com cdn.jsdelivr.net fonts.googleapis.com cdnjs.cloudflare.com bpaid.unfyd.com bpost2.unfyd.com maxcdn.bootstrapcdn.com www.bpost2.be bpost2.be bpost.wikafi.be *.survicate.com; connect-src 'self' www.google-analytics.com s1833705806.t.eloqua.com chatbot.bpost.be bpaid.unfyd.com bpost2.unfyd.com cdn.cookielaw.org ct.pinterest.com stats.g.doubleclick.net api.usabilla.com cdn.cookielaw.org stats.g.doubleclick.net bpost.wikafi.be privacyportal-de.onetrust.com ekr.zdassets.com elkezaakonline.zendesk.com static.addtoany.com stats.addtoany.com geolocation.onetrust.com *.google-analytics.com api.gcm-pr.bpost.cloud maps.googleapis.com www.google-analytics.com region1.analytics.google.com analytics.google.com https://deploy.mopinion.com https://cacheorcheck.mopinion.com https://survey.mopinion.com *.crazyegg.com *.dynamics.com *.screeb.app *.surveysparrow.com https://prod-162.westeurope.logic.azure.com https://urlgeni.us https://mdy.api.bpost.be youtube.com www.google.com *.clarity.ms nominatim.openstreetmap.org; report-uri /report-csp-violation; upgrade-insecure-requests |
| Etag | "1744026594-gzip" |
| X-Amz-Cf-Pop | BRU50-P2 |
| Content-Type | text/html; charset=UTF-8 |
| Date | Mon, 07 Apr 2025 12:48:00 GMT |
| Link | <https://www.bpost.be/en>; rel="canonical", <https://www.bpost.be/en>; rel="shortlink", <https://www.bpost.be/nl>; rel="alternate"; hreflang="nl", <https://www.bpost.be/en>; rel="alternate"; hreflang="en", <https://www.bpost.be/fr>; rel="alternate"; hreflang="fr", <https://www.bpost.be/de>; rel="alternate"; hreflang="de" |
| Content-Language | en |
| X-Frame-Options | ALLOW-FROM http://oas-pr.netpost |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar