Content-Type: text/html; charset=UTF-8
Public-Key-Pins: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=3600; report-uri="https://ictivity.report-uri.com/r/d/hpkp/enforce"
Date: Sun, 25 Feb 2018 22:40:44 GMT
Server: Apache
HTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
X-UA-Compatible: IE=edge,chrome=1
X-Download-Options: noopen
Link: <https://werkenbijictivity.nl/>; rel=shortlink
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
X-Pingback: https://werkenbijictivity.nl/xmlrpc.php
X-TransIP-Balancer: lb1
X-TransIP-Backend: web281
X-Content-Type-Options: nosniff
Expect-CT: max-age=3600, enforce, report-uri="https://ictivity.report-uri.com/r/d/ct/enforce"
Transfer-Encoding: chunked
Link: <https://werkenbijictivity.nl/wp-json/>; rel="https://api.w.org/"
X-DNS-Prefetch-Control: on
Set-Cookie: Max-Age=7200; path=/; secure; HttpOnly; SameSite=Lax
Content-Security-Policy-Report-Only: default-src 'self' 'inline'; report-uri https://ictivity.report-uri.com/r/d/csp/reportOnly