Server | nginx |
Content-Type | text/html; charset=utf-8 |
Connection | keep-alive |
X-Drupal-Cache | HIT |
Etag | "1517607927-1" |
Content-Language | nl |
X-UA-Compatible | IE=edge,chrome=1 |
Cache-Control | public, max-age=0 |
Last-Modified | Fri, 02 Feb 2018 21:45:27 GMT |
Expires | Sun, 19 Nov 1978 05:00:00 GMT |
Vary | Cookie,Accept-Encoding |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Content-Security-Policy | default-src 'self' data: https://stats.g.doubleclick.net/ https://d6tizftlrpuof.cloudfront.net/ https://api.usabilla.com/ https://www.google-analytics.com/ https://api.dhlparcel.nl/ https://www.googletagmanager.com/ https://components.dhlparcel.nl/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.cloudfront.net/ https://api.usabilla.com/ https://r1.surveysandforms.com/ https://w.usabilla.com/ https://api.dhlparcel.nl/ https://www.googletagmanager.com/ https://components.dhlparcel.nl/ https://www.google-analytics.com/ https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://*.usabilla.com https://*.cloudfront.net/ https://www.google.com/ https://www.google.nl/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://api.dhlparcel.nl/ https://components.dhlparcel.nl/ https://googletagmanager.com/ https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://www.dhlparcel.be/ data:; style-src 'self' 'unsafe-inline' https://dhlparcel.secure.force.com/ https://*.cloudfront.net/ https://api.dhlparcel.nl/ https://www.google-analytics.com/ https://components.dhlparcel.nl/ https://googletagmanager.com/ https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://*.cloudfront.net/ https://themes.googleusercontent.com; child-src https://d6tizftlrpuof.cloudfront.net/ https://r1.surveysandforms.com/ https://dhlparcel.secure.force.com/ https://api.dhlparcel.nl/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://www.youtube.com/; object-src 'self' |
X-Content-Type-Options | nosniff, nosniff |
X-XSS-Protection | 1; mode=block |
X-DNS-Prefetch-Control | : off |
X-Frame-Options | ALLOW-FROM salesforce.com, ALLOW-FROM force.com, ALLOW-FROM dhlparcel.secure.force.com |