Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Cache-Control | max-age=86400, public |
X-Drupal-Dynamic-Cache | UNCACHEABLE |
X-UA-Compatible | IE=edge |
Content-language | nl |
X-Content-Type-Options | nosniff |
X-Frame-Options | SameOrigin |
Expires | Sun, 19 Nov 1978 05:00:00 GMT |
Last-Modified | Tue, 27 Feb 2018 00:40:39 GMT |
ETag | "1519692039" |
Vary | Cookie,Accept-Encoding |
X-Generator | Drupal 8 (https://www.drupal.org) |
Content-Security-Policy | script-src tagmanager.google.com 'self' 'unsafe-eval' 'unsafe-inline' use.typekit.net www.googletagmanager.com www.google-analytics.com cdnjs.cloudflare.com www.googleadservices.com https://googleads.g.doubleclick.net https://connect.facebook.net *.hotjar.com *.mouseflow.com; style-src 'self' 'unsafe-inline' use.typekit.net fonts.googleapis.com cdnjs.cloudflare.com tagmanager.google.com; img-src 'self' p.typekit.net www.google.be www.google.com www.facebook.com https://googleads.g.doubleclick.net www.google-analytics.com https://stats.g.doubleclick.net data: ssl.gstatic.com www.gstatic.com; font-src 'self' *.typekit.net fonts.gstatic.com; connect-src 'self' performance.typekit.net *.hotjar.com *.mouseflow.com; report-uri /report-csp-violation |
X-Content-Security-Policy | script-src tagmanager.google.com 'self' 'unsafe-eval' 'unsafe-inline' use.typekit.net www.googletagmanager.com www.google-analytics.com cdnjs.cloudflare.com www.googleadservices.com https://googleads.g.doubleclick.net https://connect.facebook.net *.hotjar.com *.mouseflow.com; style-src 'self' 'unsafe-inline' use.typekit.net fonts.googleapis.com cdnjs.cloudflare.com tagmanager.google.com; img-src 'self' p.typekit.net www.google.be www.google.com www.facebook.com https://googleads.g.doubleclick.net www.google-analytics.com https://stats.g.doubleclick.net data: ssl.gstatic.com www.gstatic.com; font-src 'self' *.typekit.net fonts.gstatic.com; connect-src 'self' performance.typekit.net *.hotjar.com *.mouseflow.com; report-uri /report-csp-violation |
X-WebKit-CSP | script-src tagmanager.google.com 'self' 'unsafe-eval' 'unsafe-inline' use.typekit.net www.googletagmanager.com www.google-analytics.com cdnjs.cloudflare.com www.googleadservices.com https://googleads.g.doubleclick.net https://connect.facebook.net *.hotjar.com *.mouseflow.com; style-src 'self' 'unsafe-inline' use.typekit.net fonts.googleapis.com cdnjs.cloudflare.com tagmanager.google.com; img-src 'self' p.typekit.net www.google.be www.google.com www.facebook.com https://googleads.g.doubleclick.net www.google-analytics.com https://stats.g.doubleclick.net data: ssl.gstatic.com www.gstatic.com; font-src 'self' *.typekit.net fonts.gstatic.com; connect-src 'self' performance.typekit.net *.hotjar.com *.mouseflow.com; report-uri /report-csp-violation |
X-XSS-Protection | 1; mode=block |
X-Drupal-Cache | HIT |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=31536000 |