X-WebKit-CSP: default-src 'self'; script-src 'self' data: https://www.gstatic.com ajax.googleapis.com *.googletagmanager.com *.ytimg.com *.google.com *.google-analytics.com *.youtube.com static.doubleclick.net s7.addthis.com m.addthis.com platform.twitter.com connect.facebook.net c.getscenario.com bat.bing.com pixel.convertize.io https://static.hotjar.com https://script.hotjar.com api.salesfeed.com 'unsafe-inline' 'unsafe-eval'; object-src 'self' *.youtube.com *.ytimg.com 'unsafe-inline'; style-src 'self' fonts.googleapis.com *.ytimg.com https://tagmanager.google.com 'unsafe-inline'; img-src 'self' data: https://*.ccv.nl https://ccv.eu https://*.ccv.eu https://www.google.com https://www.google.nl https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com https://syndication.twitter.com https://www.thuiswinkel.org https://bat.r.msn.com https://bat.bing.com https://app.getscenario.com https://c.getscenario.com https://s3-eu-west-1.amazonaws.com https://rest-production.mollom.com; media-src 'self' *.youtube.com *.ytimg.com 'unsafe-inline'; frame-src 'self' https://e.ccv.nl https://*.ccv.ch www.google.com *.youtube.com *.ytimg.com s7.addthis.com platform.twitter.com https://www.facebook.com staticxx.facebook.com player.vimeo.com https://vars.hotjar.com 'unsafe-inline'; child-src 'self' https://e.ccv.nl https://*.ccv.ch www.google.com *.youtube.com *.ytimg.com s7.addthis.com platform.twitter.com https://www.facebook.com staticxx.facebook.com player.vimeo.com https://vars.hotjar.com 'unsafe-inline'; font-src 'self' fonts.googleapis.com fonts.gstatic.com; connect-src 'self' https://www.google-analytics.com s7.addthis.com m.addthis.com hotjar.com *.hotjar.com *.hotjar.com:* https://postcode-api.apiwise.nl; report-uri /report-csp-violation
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=0
X-Content-Type-Options: nosniff
Age: 0
X-Content-Security-Policy: default-src 'self'; script-src 'self' data: https://www.gstatic.com ajax.googleapis.com *.googletagmanager.com *.ytimg.com *.google.com *.google-analytics.com *.youtube.com static.doubleclick.net s7.addthis.com m.addthis.com platform.twitter.com connect.facebook.net c.getscenario.com bat.bing.com pixel.convertize.io https://static.hotjar.com https://script.hotjar.com api.salesfeed.com 'unsafe-inline' 'unsafe-eval'; object-src 'self' *.youtube.com *.ytimg.com 'unsafe-inline'; style-src 'self' fonts.googleapis.com *.ytimg.com https://tagmanager.google.com 'unsafe-inline'; img-src 'self' data: https://*.ccv.nl https://ccv.eu https://*.ccv.eu https://www.google.com https://www.google.nl https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com https://syndication.twitter.com https://www.thuiswinkel.org https://bat.r.msn.com https://bat.bing.com https://app.getscenario.com https://c.getscenario.com https://s3-eu-west-1.amazonaws.com https://rest-production.mollom.com; media-src 'self' *.youtube.com *.ytimg.com 'unsafe-inline'; frame-src 'self' https://e.ccv.nl https://*.ccv.ch www.google.com *.youtube.com *.ytimg.com s7.addthis.com platform.twitter.com https://www.facebook.com staticxx.facebook.com player.vimeo.com https://vars.hotjar.com 'unsafe-inline'; child-src 'self' https://e.ccv.nl https://*.ccv.ch www.google.com *.youtube.com *.ytimg.com s7.addthis.com platform.twitter.com https://www.facebook.com staticxx.facebook.com player.vimeo.com https://vars.hotjar.com 'unsafe-inline'; font-src 'self' fonts.googleapis.com fonts.gstatic.com; connect-src 'self' https://www.google-analytics.com s7.addthis.com m.addthis.com hotjar.com *.hotjar.com *.hotjar.com:* https://postcode-api.apiwise.nl; report-uri /report-csp-violation
X-XSS-Protection: 1;mode=block
Server: Apache
Content-Type: text/html; charset=utf-8
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Etag: "1509020870-1"
X-Generator: Drupal 7 (http://drupal.org)
X-Varnish: 125496837
Content-Language: nl
X-UA-Compatible: IE=Edge,chrome=1
Content-Security-Policy: default-src 'self'; script-src 'self' data: https://www.gstatic.com ajax.googleapis.com *.googletagmanager.com *.ytimg.com *.google.com *.google-analytics.com *.youtube.com static.doubleclick.net s7.addthis.com m.addthis.com platform.twitter.com connect.facebook.net c.getscenario.com bat.bing.com pixel.convertize.io https://static.hotjar.com https://script.hotjar.com api.salesfeed.com 'unsafe-inline' 'unsafe-eval'; object-src 'self' *.youtube.com *.ytimg.com 'unsafe-inline'; style-src 'self' fonts.googleapis.com *.ytimg.com https://tagmanager.google.com 'unsafe-inline'; img-src 'self' data: https://*.ccv.nl https://ccv.eu https://*.ccv.eu https://www.google.com https://www.google.nl https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com https://syndication.twitter.com https://www.thuiswinkel.org https://bat.r.msn.com https://bat.bing.com https://app.getscenario.com https://c.getscenario.com https://s3-eu-west-1.amazonaws.com https://rest-production.mollom.com; media-src 'self' *.youtube.com *.ytimg.com 'unsafe-inline'; frame-src 'self' https://e.ccv.nl https://*.ccv.ch www.google.com *.youtube.com *.ytimg.com s7.addthis.com platform.twitter.com https://www.facebook.com staticxx.facebook.com player.vimeo.com https://vars.hotjar.com 'unsafe-inline'; child-src 'self' https://e.ccv.nl https://*.ccv.ch www.google.com *.youtube.com *.ytimg.com s7.addthis.com platform.twitter.com https://www.facebook.com staticxx.facebook.com player.vimeo.com https://vars.hotjar.com 'unsafe-inline'; font-src 'self' fonts.googleapis.com fonts.gstatic.com; connect-src 'self' https://www.google-analytics.com s7.addthis.com m.addthis.com hotjar.com *.hotjar.com *.hotjar.com:* https://postcode-api.apiwise.nl; report-uri /report-csp-violation
Connection: close
Expires: Sun, 19 Nov 1978 05:00:00 GMT
HTTP/1.1 200 OK
Last-Modified: Thu, 26 Oct 2017 12:27:50 GMT
Via: 1.1 varnish
Date: Thu, 26 Oct 2017 12:28:52 GMT
Vary: Cookie,Accept-Encoding
X-Drupal-Cache: HIT
X-Frame-Options: SameOrigin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Link: <https://www.ccvonline.be/nl/frontpage>; rel="canonical",<https://www.ccvonline.be/nl/frontpage>; rel="shortlink"