X-kernel: App
Vary: Cookie, X-Requested-With, Accept-Encoding
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
CF-RAY: 3efd9bfa4d2196e8-FRA
Content-Security-Policy: default-src 'none'; font-src 'self' data: fonts.gstatic.com js.intercomcdn.com tagmanager.google.com themes.googleusercontent.com cdn.schiphol.nl; child-src 'self' blob: 1327335.fls.doubleclick.net bid.g.doubleclick.net d6tizftlrpuof.cloudfront.net pasaanvraag.schiphol.nl www.connexys.nl www.youtube.com 5980017.fls.doubleclick.net www.googletagmanager.com; frame-src 'self' blob: 1327335.fls.doubleclick.net bid.g.doubleclick.net d6tizftlrpuof.cloudfront.net pasaanvraag.schiphol.nl www.connexys.nl www.youtube.com 5980017.fls.doubleclick.net www.googletagmanager.com; connect-src 'self' wss: nexus-websocket-a.intercom.io nexus-websocket-b.intercom.io api-ping.intercom.io api-iam.intercom.io api-ping.intercom.io api.usabilla.com app.getsentry.com bam.nr-data.net d6tizftlrpuof.cloudfront.net doubleclickadexchange.net js.intercomcdn.com nexus-long-poller-a.intercom.io nexus-long-poller-b.intercom.io www.google-analytics.com pagead2.googlesyndication.com jy11djjhoa.execute-api.eu-west-1.amazonaws.com *.tiles.mapbox.com api.mapbox.com; img-src 'self' data: blob: assets.contentful.com bam.nr-data.net bat.bing.com bat.r.msn.com cdncash.org d6tizftlrpuof.cloudfront.net doubleclick.net ge0ip.com ge0ip.net ge0ip.org googleads.g.doubleclick.net stats.g.doubleclick.net images.contentful.com js.intercomcdn.com lancheck.net maps.googleapis.com s.c.schiphol.nl schiphol.mobi static.intercomassets.com tagmanager.google.com takethatad.com tm.tradetracker.net ts.tradetracker.net tl.tradetracker.net w.usabilla.com www.google-analytics.com www.google.com www.google.nl www.googleadservices.com www.gstatic.com www.seebuyflyhappyhour.nl connect.facebook.net www.facebook.com s.ytimg.com lh3.googleusercontent.com cdn.schiphol.nl; script-src 'self' data: asset: 'unsafe-inline' 'unsafe-eval' t.c.schiphol.nl s.c.schiphol.nl ajax.googleapis.com api.usabilla.com apps-analytics.net bam.nr-data.net bat.bing.com cdn.optimizely.com cdncash.org d1fc8wv8zag5ca.cloudfront.net d6tizftlrpuof.cloudfront.net d19tqk5t6qcjac.cloudfront.net ge0ip.com ge0ip.net ge0ip.org js-agent.newrelic.com js.intercomcdn.com nexus-long-poller-a.intercom.io nexus-long-poller-b.intercom.io rum-static.pingdom.net tagmanager.google.com tm.tradetracker.net w.usabilla.com widget.intercom.io www.connexys.nl www.google-analytics.com www.googleadservices.com www.googletagmanager.com www.gstatic.com connect.facebook.net www.facebook.com api.mapbox.com www.youtube.com s.ytimg.com googleads.g.doubleclick.net www.google.com analytics-eu.clickdimensions.com cdn.schiphol.nl; style-src 'self' 'unsafe-inline' tagmanager.google.com d6tizftlrpuof.cloudfront.net www.gstatic.com api.tiles.mapbox.com cdn.schiphol.nl; manifest-src 'self' cdn.schiphol.nl; report-uri https://sentry.io/api/90299/csp-report/?sentry_key=15eec8dfd1104d25b2cb5f881336395d
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=15552000
X-Via-App-Server: vm106
Content-Type: text/html; charset=UTF-8
Set-Cookie: __cfduid=d050a44929ce14ef61d4a1c895b51e9451519089268; expires=Wed, 20-Feb-19 01:14:28 GMT; path=/; domain=.schiphol.nl; HttpOnly
Server: cloudflare
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 20 Feb 2018 01:14:28 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
X-Via-HAProxy: vm201
X-Powered-By: Schiphol.com Web Server
Cache-Control: max-age=60, public, s-maxage=300
X-Xss-Protection: 1; mode=block
Set-Cookie: lang=nl; expires=Wed, 21-Feb-2018 01:13:35 GMT; Max-Age=86400; path=/; secure; HttpOnly