Strict-Transport-Security: max-age=31536000;includeSubDomains
Date: Sun, 01 Oct 2017 08:53:34 GMT
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self' s.skitz.eu; script-src 'self' 'unsafe-inline' 'unsafe-eval' s.skitz.eu www.google-analytics.com www.google.com apis.google.com www.gstatic.com connect.facebook.net *.pinterest.com https://track.shop2market.com https://www.locatiekiezer.nl https://connect.ekomi.de; object-src 'self'; style-src 'self' 'unsafe-inline' s.skitz.eu; img-src * data:; media-src 'none'; frame-src https://www.youtube.com https://track.shop2market.com https://assets.pinterest.com https://www.locatiekiezer.nl www.google.com *.facebook.com https://www.kieskeurig.nl/wl/winkelreview/66d30ef3-5f8c-4784-93dc-b0b2c747fd5f; font-src 'self' s.skitz.eu; connect-src 'self' *.skitz.eu
Content-Type: text/html; charset=UTF-8
Set-Cookie: sessionID=f7b6a0409c25bede0a5f0a9da09a39895bca83643a0c48c286b73317bc2917233d01ae317342b11bbc88ad959ee8eba944ea4755a3b2f850f60dd8cb7836ece7; expires=Sun, 01-Oct-2017 16:53:34 GMT; Max-Age=28800; path=/; domain=.www.collit.be; secure; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: default-src 'self' s.skitz.eu; script-src 'self' 'unsafe-inline' 'unsafe-eval' s.skitz.eu www.google-analytics.com www.google.com apis.google.com www.gstatic.com connect.facebook.net *.pinterest.com https://track.shop2market.com https://www.locatiekiezer.nl https://connect.ekomi.de; object-src 'self'; style-src 'self' 'unsafe-inline' s.skitz.eu; img-src * data:; media-src 'none'; frame-src https://www.youtube.com https://track.shop2market.com https://assets.pinterest.com https://www.locatiekiezer.nl www.google.com *.facebook.com https://www.kieskeurig.nl/wl/winkelreview/66d30ef3-5f8c-4784-93dc-b0b2c747fd5f; font-src 'self' s.skitz.eu; connect-src 'self' *.skitz.eu
X-Frame-Options: ALLOW-FROM https://www.locatiekiezer.nl/
Server: Apache/2.4.18
X-Content-Type-Options: nosniff
Link: <https://www.collit.be/>; rel="canonical"
HTTP/1.1 200 OK
Referrer-Policy: origin-when-cross-origin
Vary: Accept-Encoding