That looks like AngularJS' Strict Contextual Escaping (SCE) mode has blocked loading a resource from an "insecure" URL.
Their docs state: "The browser's Same Origin Policy and Cross-Origin Resource Sharing (CORS) policy apply that may further restrict whether the template is successfully loaded. (e.g. neither cross-domain requests won't work on all browsers nor file:// requests on some browsers)"
Try wrapping the template url with a call like:
$sce.trustAsUrl('templates/header/prospection.html')