X-Frame-Options: DENY
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Xss-Protection: 1; mode=block
Content-Security-Policy: child-src 'self' *.hotjar.com *.youtube.com *.facebook.com *.google.* *.issuu.com *googlebot* https://*.genkgo.com; connect-src 'self' *.hotjar.com *.hotjar.com:12443 wss://*.hotjar.com *.google.* *googlebot* https://*.genkgo.com; font-src 'self' use.typekit.net *.hotjar.com *.google.* *googlebot* https://*.genkgo.com 'unsafe-inline'; img-src 'self' https://* http://* https://*.genkgo.com data:; media-src *.google.* *googlebot* https://*.genkgo.com; script-src 'self' use.typekit.net www.google-analytics.com *.hotjar.com *.google.* *googlebot* https://*.genkgo.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' use.typekit.net *.google.* *googlebot* https://*.genkgo.com 'unsafe-inline';
Date: Fri, 27 Oct 2017 07:27:15 GMT
X-Content-Type-Options: nosniff
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
HTTP/1.1 200 OK
Referrer-Policy: strict-origin
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; preload;
Set-Cookie: gsitesession=7a6c61c27b6214762e6edfac231a752a; path=/; domain=efr.nl; secure; HttpOnly; SameSite=Lax
Transfer-Encoding: chunked
Connection: keep-alive