| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Referrer-Policy | strict-origin-when-cross-origin |
| X-Download-Options | noopen |
| Access-Control-Allow-Origin | * |
| Connection | keep-alive |
| X-Xss-Protection | 0 |
| Content-Security-Policy | connect-src 'self' *.kpn.com kpn.com *.kpn.org *.adobetm.com edge.adobedc.net *.googletagmanager.com *.amplitude.com region1.analytics.google.com cloud.51degrees.com api-accept.customersaas.com *.google-analytics.com *.analytics-google.com *.mouseflow.com tracker.customersaas.com kpn.api.ruwido.com api-agendaplanner.kpnretail.nl api.customersaas.com scripts.kpn.nl pastease.mopinion.com kpn.mopinion.com deploy.mopinion.com cacheorcheck.mopinion.com survey.mopinion.com kpn-compleet-fpi-info.fourstack.nl wss://*.twilio.com https://*.twilio.com https://*.demdex.net https://assets.adobedtm.com *.tt.omtrdc.net https://adobeioruntime.net emea1-proxy.adobemc.com wss://*.kpn.com/chat-engine *.cookielaw.org *.onetrust.com www.pingvp.com kpn.pingvp.com https://pingvp.com *.insided.com *.algolia.net *.algolia.com fonts.googleapis.com maps.googleapis.com *.linkedin.com *.licdn.com *.useinsider.com cloud.51degrees.com https://kpngroup.emsecure.net https://*.arcgis.com https://*.arcgisonline.nl https://kpnnl.maps.arcgis.com *.doubleclick.net *.qelpcare.com https://kpn-com-forms-upload-limbo-nonprod.s3.amazonaws.com/ https://kpn-com-forms-upload-limbo-prod.s3.amazonaws.com/ *.ctfcloud.net *.invote.nl https://api.eu.amplitude.com; default-src 'self' *.kpn.com *.kpn.org; font-src 'self' *.kpn.com *.kpn.org www.pingvp.com kpn.pingvp.com https://pingvp.com fonts.gstatic.com gstatic.mopinion.com static.customersaas.com static-accept.customersaas.com *.insided.com *.algolia.net *.algolia.com fonts.googleapis.com *.useinsider.com data:; frame-ancestors 'self' mijnzakelijk.kpn.com www.grip-on-it.com https://app.contentful.com https://*.rooom.com https://virtuelewinkel.kpn.com; frame-src 'self' *.kpn.com *.kpn.org *.adobetm.com *.googletagmanager.com *.doubleclick.net callmenow.eu3.vanadaloha.net rpv.reviva.nl portal.bp.nu www.youtube.com www.youtube-nocookie.com kpngroup.emsecure.net kpn.mopinion.com kpn-mini.speedtestcustom.com kpn-itns.speedtestcustom.com www.pingvp.com kpn.pingvp.com https://pingvp.com reload.alphacomm.network www.grip-on-it.com https://*.demdex.net emea1-proxy.adobemc.com www.facebook.com *.onetrust.com *.atdmt.com *.adservice.google.nl tagmanager.google.com www.linkedin.com *.useinsider.com https://kpnnl.maps.arcgis.com https://open.spotify.com https://*.rooom.com https://virtuelewinkel.kpn.com https://embed-standalone.spotify.com; img-src 'self' blob: data: *.kpn.org *.ctfassets.net *.kpn.com is-accept.customersaas.com www.google.nl www.google.com www.facebook.com *.doubleclick.net adservice.google.com invitation.opinionbar.com www.pingvp.com kpn.pingvp.com https://pingvp.com d35v9wsdymy32b.cloudfront.net csi.gstatic.com maps.gstatic.com maps.googleapis.com kpn.com fonts.googleapis.com *.analytics-google.com *.google-analytics.com api.customersaas.com static.customersaas.com static-accept.customersaas.com d3mwk3f7r8fv9u.cloudfront.net d6tizftlrpuof.cloudfront.net cms-images.s3.amazonaws.com kpncomvod.download.kpnstreaming.nl w.usabilla.com www.telfort.nl mobielshop.test.marketingmakers.nl fra1.digitaloceanspaces.com cacheorcheck.mopinion.com survey.mopinion.com https://*.demdex.net https://assets.adobedtm.com https://*.arcgis.com https://*.arcgisonline.nl opt.objectiveportal.com *.cookielaw.org *.onetrust.com *.atdmt.com *.adservice.google.nl *.linkedin.com *.licdn.com p.adsymptotic.com api.useinsider.com kpnnl.api.useinsider.com *.dwin1.com *.bing.com *.112.2o7.net; media-src 'self' kpncomvod.download.kpnstreaming.nl *.kpn.com pingmediavod.download.kpnstreaming.nl kpn.pingvp.com https://pingvp.com https://pingvp.pingvp.com/ media.licdn.com *.ctfassets.net; object-src 'self' https://kpnnl.maps.arcgis.com; script-src 'nonce-wYU2MkqPbYiGOEF+1YiFrw==' 'strict-dynamic' https://pingvp.com/z/*; style-src 'unsafe-inline' 'self' *.kpn.com *.kpn.org d1r5etm691cejh.cloudfront.net static.customersaas.com static-accept.customersaas.com d6tizftlrpuof.cloudfront.net fonts.mopinion.com kpn.mopinion.com tagmanager.google.com cacheorcheck.mopinion.com survey.mopinion.com *.insided.com *.algolia.net *.algolia.com fonts.googleapis.com *.licdn.com www.pingvp.com kpn.pingvp.com https://pingvp.com *.useinsider.com https://www.gstatic.com https://kpngroup.emsecure.net; upgrade-insecure-requests |
| Cross-Origin-Resource-Policy | same-origin |
| Cross-Origin-Opener-Policy | same-origin |
| X-Dns-Prefetch-Control | off |
| Cache-Control | no-cache="Set-Cookie" |
| X-Amz-Cf-Id | _5IyEgpLVot6Wbs5VU1YB2531KTW0QHGgKJk94jljeINcrzFZINBBQ== |
| Age | 239 |
| Content-Type | text/html;charset=utf-8 |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
| Permissions-Policy | camera=(), display-capture=(), fullscreen=self "https://www.youtube.com", geolocation=self, microphone=() |
| Vary | Accept-Encoding,Accept-Encoding |
| Date | Sat, 19 Apr 2025 04:48:25 GMT |
| X-Permitted-Cross-Domain-Policies | none |
| Origin-Agent-Cluster | ?1 |
| X-Cache | Hit from cloudfront |
| Via | 1.1 20bac96d0c0df74d5e600294d22661e6.cloudfront.net (CloudFront) |
| X-Amz-Cf-Pop | BRU50-P1 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar