Content-Length: 48136
HTTP/1.1 200 OK
Cache-Control: private
Public-Key-Pins-Report-Only: pin-sha256="SomvKp+ZKFiTBn/6RM+JGTQZddOpITnNOVL8a8l7uw8="; pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; includeSubDomains; max-age=1; report-uri="https://coop.report-uri.io/r/default/hpkp/reportOnly"
X-Content-Security-Policy: default-src 'self'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.pingdom.net *.abtasty.com *.veinteractive.com www.nordicchoicehotels.com *.twitter.com *.google.com extads.net m.addthisedge.com m.addthis.com s7.addthis.com assets.juicer.io www.google-analytics.com www.googletagmanager.com tagmanager.google.com res.cloudinary.com *.cloudfront.net *.facebook.com connect.facebook.net track.adform.net *.fls.doubleclick.net nowinteract-nowinteractnordi.netdna-ssl.com *.easyresearch.se *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; connect-src 'self' wss://*.coop.se:* wss://*.kf.local:* *.pingdom.net *.veinteractive.com *.abtasty.com ve1appseventssb.servicebus.windows.net apil1.spinnaker-js.com m.addthis.com s7.addthis.com www.juicer.io *.108proxy.se *.54proxy.se www.google-analytics.com www.googletagmanager.com tagmanager.google.com *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; style-src 'self' 'unsafe-inline' *.abtasty.com *.pingdom.net *.veinteractive.com assets.juicer.io tagmanager.google.com fonts.googleapis.com *.easyresearch.se *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; img-src 'self' data: *.pingdom.net *.zendesk.com *.abtasty.com www.gstatic.com api.hitta.se scontent.cdninstagram.com www.google.com www.google.se *.google-analytics.com *.googletagmanager.com tagmanager.google.com ssl.gstatic.com res.cloudinary.com *.cloudfront.net *.facebook.com stats.g.doubleclick.net track.adform.net *.fls.doubleclick.net *.easyresearch.se *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; font-src 'self' data: assets.juicer.io fonts.gstatic.com tagmanager.google.com *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; frame-src 'self' *.veinteractive.com accounts.google.com www.flysas.com app.ecoonline.com www.nordicchoicehotels.com recruit.visma.com www.recruit.visma.com www.aditrorecruit.com *.twitter.com www.youtube.com *.facebook.com c1.adform.net s7.addthis.com track.adform.net *.fls.doubleclick.net *.easyresearch.se *.abtasty.com *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; base-uri 'self' *.coop.se *.kf.local *.zopim.com wss://*.zopim.com *.zopim.io; report-uri *.zopim.com wss://*.zopim.com *.zopim.io
Expires: Wed, 10 May 2017 10:45:32 GMT
Date: Thu, 11 May 2017 10:45:31 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.pingdom.net *.abtasty.com *.veinteractive.com www.nordicchoicehotels.com *.twitter.com *.google.com extads.net m.addthisedge.com m.addthis.com s7.addthis.com assets.juicer.io www.google-analytics.com www.googletagmanager.com tagmanager.google.com res.cloudinary.com *.cloudfront.net *.facebook.com connect.facebook.net track.adform.net *.fls.doubleclick.net nowinteract-nowinteractnordi.netdna-ssl.com *.easyresearch.se *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; connect-src 'self' wss://*.coop.se:* wss://*.kf.local:* *.pingdom.net *.veinteractive.com *.abtasty.com ve1appseventssb.servicebus.windows.net apil1.spinnaker-js.com m.addthis.com s7.addthis.com www.juicer.io *.108proxy.se *.54proxy.se www.google-analytics.com www.googletagmanager.com tagmanager.google.com *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; style-src 'self' 'unsafe-inline' *.abtasty.com *.pingdom.net *.veinteractive.com assets.juicer.io tagmanager.google.com fonts.googleapis.com *.easyresearch.se *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; img-src 'self' data: *.pingdom.net *.zendesk.com *.abtasty.com www.gstatic.com api.hitta.se scontent.cdninstagram.com www.google.com www.google.se *.google-analytics.com *.googletagmanager.com tagmanager.google.com ssl.gstatic.com res.cloudinary.com *.cloudfront.net *.facebook.com stats.g.doubleclick.net track.adform.net *.fls.doubleclick.net *.easyresearch.se *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; font-src 'self' data: assets.juicer.io fonts.gstatic.com tagmanager.google.com *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; frame-src 'self' *.veinteractive.com accounts.google.com www.flysas.com app.ecoonline.com www.nordicchoicehotels.com recruit.visma.com www.recruit.visma.com www.aditrorecruit.com *.twitter.com www.youtube.com *.facebook.com c1.adform.net s7.addthis.com track.adform.net *.fls.doubleclick.net *.easyresearch.se *.abtasty.com *.zendesk.com *.zopim.com wss://*.zopim.com *.zopim.io; base-uri 'self' *.coop.se *.kf.local *.zopim.com wss://*.zopim.com *.zopim.io; report-uri *.zopim.com wss://*.zopim.com *.zopim.io
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: InformationAlert_reconstruction="1|2017-05-11 12:45:32"; expires=Thu, 25-May-2017 10:45:32 GMT; path=/; secure
Content-Type: text/html; charset=utf-8
X-Xss-Protection: 1; mode=block
X-Server-Name: 6
X-Frame-Options: SAMEORIGIN
Set-Cookie: ASP.NET_SessionId=avdpcb4kxlmrgzehac14053s; path=/; secure; HttpOnly
X-Content-Type-Options: nosniff