X-Frame-Options: SameOrigin
Content-Type: text/html; charset=utf-8
Content-Language: en
cache-control: max-age = 3600
X-UA-Compatible: IE=edge,chrome=1
HTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
age: 0
Strict-Transport-Security: max-age=1000; includeSubDomains
Strict-Transport-Security: max-age=31536000
From-Origin: serialized origin
Link: <https://www.nn.be/en>; rel="canonical",<https://www.nn.be/en>; rel="shortlink"
Connection: keep-alive
Server: nginx
Last-Modified: Sun, 07 Jan 2018 21:02:47 GMT
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app.getrefurls.com https://www.googletagmanager.com https://www.google-analytics.com ; object-src 'self'; style-src 'self' 'unsafe-inline' https://app.getrefurls.com; img-src 'self' data:; media-src 'self'; frame-src 'self'; font-src 'self'; connect-src 'self'; report-uri /admin/config/system/seckit/csp-report
Accept-Ranges: bytes
Etag: "1515358967-0"
Content-Length: 34932
Date: Sun, 07 Jan 2018 21:42:40 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app.getrefurls.com https://www.googletagmanager.com https://www.google-analytics.com ; object-src 'self'; style-src 'self' 'unsafe-inline' https://app.getrefurls.com; img-src 'self' data:; media-src 'self'; frame-src 'self'; font-src 'self'; connect-src 'self'; report-uri /admin/config/system/seckit/csp-report
X-Content-Type-Options: nosniff
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app.getrefurls.com https://www.googletagmanager.com https://www.google-analytics.com ; object-src 'self'; style-src 'self' 'unsafe-inline' https://app.getrefurls.com; img-src 'self' data:; media-src 'self'; frame-src 'self'; font-src 'self'; connect-src 'self'; report-uri /admin/config/system/seckit/csp-report