Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding, Accept-Encoding |
Cache-Control | max-age=0, must-revalidate, private, s-maxage=3600 |
Content-Security-Policy | child-src cdn.myclang.com www.googletagmanager.com drukwerkdeal.atlassian.net www.youtube.com player.vimeo.com cloud.cobrowser.net e.drukwerkdeal.nl e.printdeal.be editor2.drukwerkdeal.nl tbs.tradedoubler.com solutions.tradedoubler.com vars.hotjar.com 5452317.fls.doubleclick.net drukwerkdeal.swis.nl *.visualwebsiteoptimizer.com roundme.com *.conversify.com disqus.com *.vwo.com optimize.google.com *.visualwebsiteoptimizer.com; font-src 'self' printdealcdn.s3.amazonaws.com weloveiconfonts.com fonts.gstatic.com data: fonts.googleapis.com *.conversify.com fonts.documents.cimpress.io s3-eu-west-1.amazonaws.com; img-src 'self' data: blob: app.resrc.it *.drukwerkdeal.nl drukwerkdeal.nl d3rw17qf3t8223.cloudfront.net d4e119i9vv87s.cloudfront.net stats.g.doubleclick.net printdealcdn.s3.amazonaws.com printdealcdn.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com eonnas-aws.s3-eu-west-1.amazonaws.com tagmanager.google.com *.zendesk.com *.zdusercontent.com manager.acc.ppg.nu rum-collector.pingdom.net cloud.cobrowser.net *.visualwebsiteoptimizer.com i.ytimg.com www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.be www.google.de www.google.nl www.google.fr www.facebook.net www.facebook.com bat.r.msn.com bat.bing.com static.hotjar.com t.co log01.leadboxer.com ts.tradetracker.net filesystem *.documents.cimpress.io *.conversify.com *.gstatic.com images.contentful.com c.disquscdn.com referrer.disqus.com optimize.google.com mcp-uploads-documents-eu-west-1.s3-eu-west-1.amazonaws.com mcp-uploads-documents-ap-northeast-1.s3-ap-northeast-1.amazonaws.com mcp-uploads-documents-us-east-1.s3-us-east-1.amazonaws.com mcp-uploads-documents-us-east-1.s3-external-1.amazonaws.com printdeal-printjobservice.s3.eu-west-1.amazonaws.com uploads-production-eu-west-1-720291080779.s3-eu-west-1.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' cloud.cobrowser.net www.googletagmanager.com www.google-analytics.com tagmanager.google.com rum-static.pingdom.net *.visualwebsiteoptimizer.com *.vwo.com www.googleadservices.com connect.facebook.net bat.bing.com *.hotjar.com platform.twitter.com d1fc8wv8zag5ca.cloudfront.net *.leadboxer.com static.ads-twitter.com tm.tradetracker.net dcl.cimpress.io printdealcdn.s3.amazonaws.com drukwerkdeal.prooflink.com analytics.twitter.com *.conversify.com *.sociomantic.com c.disquscdn.com printdeal-nl.disqus.com disqus.com optimize.google.com; style-src 'self' data: blob: 'unsafe-inline' fonts.googleapis.com tagmanager.google.com cloud.cobrowser.net d4e119i9vv87s.cloudfront.net s3-eu-west-1.amazonaws.com printdealcdn.s3.amazonaws.com dcl.cimpress.io *.visualwebsiteoptimizer.com *.conversify.com printdealcdn.s3.amazonaws.com c.disquscdn.com *.vwo.com optimize.google.com fonts.googleapis.com |
Strict-Transport-Security | max-age=31536000 |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1;mode=block |
X-Content-Type-Options | nosniff |
Content-Encoding | gzip |