x-xss-protection: 1; mode=block
Content-Type: text/html;charset=UTF-8
content-security-policy-report-only: default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; report-uri /s/run/cspreport
Vary: Accept-Encoding
Fastly-Debug-Digest: 7cbce25f6c6618fa7d59cb096f8190d92118c477053c0dc175720170974bbba4
Set-Cookie: kayak=JJmTrx1f$J_HvJDwHzsl; Expires=Fri, 15-May-2020 06:37:04 GMT; Path=/; HttpOnly
Set-Cookie: cluster=5; Expires=Tue, 16-May-2017 07:22:04 GMT; Path=/; HttpOnly
Set-Cookie: p1.med.token=K6qaUeFU2Ixua5bMt0rGeb; Expires=Sun, 12-Nov-2017 06:37:04 GMT; Path=/; Secure; HttpOnly
Date: Tue, 16 May 2017 06:37:04 GMT
Content-Language: de-CH
link: <https://www.google-analytics.com>; rel=preconnect; crossorigin
Transfer-Encoding: chunked
Via: 1.1 varnish
X-Served-By: cache-fra1238-FRA, cache-hhn1523-HHN
X-Cache: MISS, MISS
Set-Cookie: NSC_q5-tqbslmf=ffffffff09892a8a45525d5f4f58455e445a4a422a59;expires=Tue, 16-May-2017 06:57:04 GMT;path=/;httponly
Accept-Ranges: bytes
content-security-policy: upgrade-insecure-requests
Set-Cookie: Apache=PkuJRw-AAABXA$5cbc-96-fyfiEg; Expires=Mon, 10-Feb-2020 06:37:04 GMT; Path=/; HttpOnly
Set-Cookie: kykprf=30; Path=/; HttpOnly
Age: 0
Server: KAYAK/1.0
link: <https://www.googletagmanager.com>; rel=preconnect; crossorigin
X-Cache-Hits: 0, 0
x-recruiting: Made with love in Berlin - come join us! https://www.kayak.com/careers
link: <https://apis.google.com>; rel=preconnect; crossorigin
link: <https://a1.r9cdn.net>; rel=preconnect; crossorigin
Via: 1.1 varnish
Connection: keep-alive
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
X-Timer: S1494916625.827605,VS0,VE107
cache-control: no-store
Set-Cookie: p1.med.sid=H-5woiKn9XOM7iMLSkfq5wD-dKUPlNfc11s_Tkbp3o9TUWTqdt5RGH1mq_VsO3W4L; Path=/; HttpOnly
HTTP/1.1 200 OK