urlscan.io logo urlscan.io
SecurityTrails logo

offers.klm.com Open in urlscan Pro
96.16.128.63  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cv.fly24.com/jW52cZxm27/2MFScR
Effective URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=Loca...
Submission: On November 02 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 34 HTTP transactions. The main IP is 96.16.128.63, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is offers.klm.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on December 15th 2021. Valid for: a year.
This is the only time offers.klm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.156.45.6 16509 (AMAZON-02)
1 1 67.199.248.12 396982 (GOOGLE-CL...)
16 96.16.128.63 16625 (AKAMAI-AS)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.66.248.17 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
34 6
1    35.156.45.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-45-6.eu-central-1.compute.amazonaws.com
cv.fly24.com
1    67.199.248.12 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com
klmf.ly
16    96.16.128.63 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-128-63.deploy.static.akamaitechnologies.com
offers.klm.com
4    2a02:26f0:6c00::210:baf1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.static-kl.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    18.66.248.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-17.dus51.r.cloudfront.net
tdn.r42tag.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:80e::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
Apex Domain
Subdomains		 Transfer
16 klm.com
offers.klm.com
686 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
storage.googleapis.com — Cisco Umbrella Rank: 652
392 KB
4 gstatic.com
fonts.gstatic.com
63 KB
4 static-kl.com
www.static-kl.com — Cisco Umbrella Rank: 174116
17 KB
3 r42tag.com
tdn.r42tag.com — Cisco Umbrella Rank: 36982
58 KB
1 klmf.ly
klmf.ly
303 B
1 fly24.com
cv.fly24.com
212 B
34 7
Domain Requested by
16 offers.klm.com offers.klm.com
6 storage.googleapis.com offers.klm.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.static-kl.com offers.klm.com
tdn.r42tag.com
www.static-kl.com
3 tdn.r42tag.com offers.klm.com
tdn.r42tag.com
1 fonts.googleapis.com offers.klm.com
1 klmf.ly 1 redirects
1 cv.fly24.com 1 redirects
34 8
Subject Issuer Validity Valid
werelddeal.klm.com
Sectigo RSA Organization Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
www.static-kl.com
Sectigo RSA Organization Validation Secure Server CA		 2021-12-16 -
2023-01-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
tdn.r42tag.com
Amazon		 2022-10-24 -
2023-11-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Frame ID: DE23BD2E40C5C78CD98AB724984E10DE
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sunrise Deals | KLM.com

Page URL History Show full URLs

  1. https://cv.fly24.com/jW52cZxm27/2MFScR HTTP 307
    https://klmf.ly/3FefdIT HTTP 301
    https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybi... Page URL

Page Statistics

34
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

6
IPs

2
Countries

1217 kB
Transfer

16790 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cv.fly24.com/jW52cZxm27/2MFScR HTTP 307
    https://klmf.ly/3FefdIT HTTP 301
    https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request de_de
offers.klm.com/
Redirect Chain
  • https://cv.fly24.com/jW52cZxm27/2MFScR
  • https://klmf.ly/3FefdIT
  • https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
360 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7c13fea25e2a3ef220dc104f7ad6c51864702d6fd34a1f162af9b68d6e2d4e3
Security Headers
Name Value
Strict-Transport-Security max-age=31622400 max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Encoding
gzip
Content-Length
19307
Content-Type
text/html;charset=UTF-8
Date
Wed, 02 Nov 2022 05:52:35 GMT
Referrer-Policy
same-origin
Server
Apache
Strict-Transport-Security
max-age=31622400 max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

cache-control
private, max-age=90
content-length
218
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Wed, 02 Nov 2022 05:52:35 GMT
location
https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
referrer-policy
unsafe-url
server
nginx
main.c1e4425e.css
offers.klm.com/static/css/ 		183 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offers.klm.com/static/css/main.c1e4425e.css
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0fc285d8bc5666e51c6852ca05e4b4bbd572c1a19b47fda6b70c21582d5121f2
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
Date
Wed, 02 Nov 2022 05:52:35 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-transform, max-age=4465
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31963
X-XSS-Protection
1; mode=block
cookie-sdk.min.js
www.static-kl.com/assets/sdk/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.static-kl.com/assets/sdk/cookie-sdk.min.js
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2f5fed288745012a3c6dff7f777e70e783c78f150cee7ed158828b9e9fd11cb8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 02 Nov 2022 05:52:36 GMT
x-backend
f3b2e901adcad9edd43c761aae90af95407ecc2a99ba84e95aeb632f7e81f6af
content-length
806
x-request-id
Y1q8_DaJI2zLAHmR2sxE-AAAAxI
last-modified
Wed, 26 Oct 2022 10:12:28 GMT
etag
"6359080c-520"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=127451
vary
Accept-Encoding
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 03 Nov 2022 17:16:47 GMT
main.85431c1b.js
offers.klm.com/static/js/ 		797 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offers.klm.com/static/js/main.85431c1b.js
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a482b20992935069c2ffd30ab86b9c2189f8eb67142f33bf5812bf5db22cd5e7
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform, max-age=4464
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
223297
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 02 Nov 2022 05:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 05:13:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Nov 2022 05:52:36 GMT
135-v1.js
tdn.r42tag.com/lib/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tdn.r42tag.com/lib/135-v1.js
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-17.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70705ae25032a57c6b65f14afc70b9c412df4e6d289576092bf26e2dee863dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
WLbq.44tGuExfZ.s98ePwO5PxXzdrqj6
content-encoding
gzip
via
1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
date
Wed, 02 Nov 2022 04:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DUS51-P1
age
4326
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Mar 2021 18:07:01 GMT
server
AmazonS3
etag
W/"bd539ed1557ffb42dd28de3c7cebbe93"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=UTF-8
cache-control
max-age=14400, public
x-amz-cf-id
ELh7NoD3mNF5voiSca4ajloIYf_eECW3ADQwxlBw4JfcfEEsHkwwpQ==
muted-white.svg
offers.klm.com/assets/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/muted-white.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a7a5b583e3c16c9f10b101fc60d954f01ce2a8b21d003dbae67d4fda122bac4e
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
671
X-XSS-Protection
1; mode=block
search-deepblue.svg
offers.klm.com/assets/images/icons/ 		750 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/search-deepblue.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
976ee353c3591c9ecd2c4041395516358cf94aa6259866978d34150405a06867
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
750
X-XSS-Protection
1; mode=block
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.klm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 20:40:44 GMT
x-content-type-options
nosniff
age
378712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 20:40:44 GMT
website_large.jpg
storage.googleapis.com/mcp_170lwcdn/public-assets/destination-images/LAX2/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/mcp_170lwcdn/public-assets/destination-images/LAX2/website_large.jpg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
42c834092b726ac58ed9da7896ef98b630e1a91fe60f0c12c04cb4fefe2e1d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 05:13:08 GMT
age
2368
x-guploader-uploadid
ADPycdvsps1U-p95v_OwRNupM9YaT_lYXCUZP0lmlnZ9y_D0PuJy0KtiLAQ9eHJMuyDSXe0nAgSPBQ2hYFDSwnk_38DN7Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85818
last-modified
Thu, 29 Sep 2022 15:03:24 GMT
server
UploadServer
etag
"5ed12b752714ef0a1c48293f435fc889"
x-goog-generation
1664463804416814
x-goog-hash
crc32c=rR8jgg==, md5=XtErdScU7wocSCk/Q1/IiQ==
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
85818
accept-ranges
bytes
expires
Wed, 02 Nov 2022 06:13:08 GMT
arrow-right-white.svg
offers.klm.com/assets/images/icons/ 		284 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/arrow-right-white.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d22ac76fa00f0873847304f85d2eb7d0ef26dccab4f46586ab0ed086446a6ec
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
284
X-XSS-Protection
1; mode=block
website_large.jpg
storage.googleapis.com/mcp_170lwcdn/public-assets/destination-images/NBO/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/mcp_170lwcdn/public-assets/destination-images/NBO/website_large.jpg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0bd89fac1d10da647d4b9047afbf8de2f3b60568d9b39fa250b39d95bc20526a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 05:13:08 GMT
age
2368
x-guploader-uploadid
ADPycdsic5Ev3lT9uIGTO-zUTcIMHSNaNy4N8aSuMz49xklrZAD0YjkerawxOMx57dmen71OapEMSkINH5Wdw0E52CnKKw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108002
last-modified
Thu, 29 Sep 2022 15:03:05 GMT
server
UploadServer
etag
"f84ec21031a01f4399aa9ac5a7c17aad"
x-goog-generation
1664463785926149
x-goog-hash
crc32c=CMxehg==, md5=+E7CEDGgH0OZqprFp8F6rQ==
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
108002
accept-ranges
bytes
expires
Wed, 02 Nov 2022 06:13:08 GMT
arrow-right-orange.svg
offers.klm.com/assets/images/icons/ 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/arrow-right-orange.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b22e304f6a8a903373e0a2d6a031e5dbcbf38f787f8b7e1b20085b9431babda0
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
699
X-XSS-Protection
1; mode=block
website_large.jpg
storage.googleapis.com/mcp_170lwcdn/public-assets/destination-images/AUA/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/mcp_170lwcdn/public-assets/destination-images/AUA/website_large.jpg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c20b31bdaafb6edc0e5d7e7bb8086ee1b381a05837f01ddfb49cbf7dd2bb0c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 05:13:08 GMT
age
2368
x-guploader-uploadid
ADPycdv8xgL3QlD-C94iv2XyY15u9sYKGNhq4PxqqMqnKVeCGfGcNsthIsNTxO2xGDNht0f6O_Q8WlyoON2m_z3HQ-FVyTXQAtTk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63395
last-modified
Thu, 29 Sep 2022 15:02:06 GMT
server
UploadServer
etag
"e38a732b3be46629cef7c096b9882739"
x-goog-generation
1664463726650752
x-goog-hash
crc32c=jgKwYQ==, md5=44pzKzvkZinO98CWuYgnOQ==
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
63395
accept-ranges
bytes
expires
Wed, 02 Nov 2022 06:13:08 GMT
website_large.jpg
storage.googleapis.com/mcp_170lwcdn/public-assets/destination-images/CUR/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/mcp_170lwcdn/public-assets/destination-images/CUR/website_large.jpg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
650839b40b06bd7576aa03be0ac77accca63c177a20087841281ffe2a3675622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 05:13:08 GMT
age
2368
x-guploader-uploadid
ADPycdtBnWLYzxpQ98jhit4UteslZhqeN-Lb4hxyvsdaJf1fmKSRySzZFiHcAv7hgJyyYv3FXDwoO7-NkK7zanCwjYGN_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101150
last-modified
Thu, 29 Sep 2022 15:01:26 GMT
server
UploadServer
etag
"bf7dab51ece99c1b45e682ea26728cc0"
x-goog-generation
1664463686920901
x-goog-hash
crc32c=eifOnw==, md5=v32rUezpnBtF5oLqJnKMwA==
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
101150
accept-ranges
bytes
expires
Wed, 02 Nov 2022 06:13:08 GMT
social-background.jpg
offers.klm.com/assets/images/backgrounds/ 		379 KB
379 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/backgrounds/social-background.jpg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
60381e5b9f67d5dc9c07b89e98178071ec82ab0bcae29228cebfe5367280b29f
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-transform, max-age=4465
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
387787
X-XSS-Protection
1; mode=block
whatsapp.svg
offers.klm.com/assets/images/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/whatsapp.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fd6752524a6ca920a7efaba993f1b99fa297eae512554766d270cbddaf8f0d59
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1525
X-XSS-Protection
1; mode=block
messenger.svg
offers.klm.com/assets/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/messenger.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e42b2701c93e405f51ec8e02ded6f4e063593223640ae292d638640d163c4bd1
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
590
X-XSS-Protection
1; mode=block
imessage.svg
offers.klm.com/assets/images/icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/imessage.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
99da6ca233f4a393cb33e41410499daaca378ee67b10d377c4ab8e26faad5427
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1555
X-XSS-Protection
1; mode=block
facebook.svg
offers.klm.com/assets/images/icons/ 		999 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/facebook.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c82ec8d73d8268680b25f8b3bd00a651bf4c5353ffbc131259236447f620ef5a
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
620
X-XSS-Protection
1; mode=block
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.klm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:44:52 GMT
x-content-type-options
nosniff
age
133664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:44:52 GMT
KLMNoa-Light.woff2
offers.klm.com/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offers.klm.com/assets/fonts/KLMNoa-Light.woff2
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e687cd5a7ba4693ccab4786bd5590373900f5e45e77a617e9b059c4cdb2a3ed1
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offers.klm.com/static/css/main.c1e4425e.css
Origin
https://offers.klm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
font/woff2
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21396
X-XSS-Protection
1; mode=block
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.klm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:44:20 GMT
x-content-type-options
nosniff
age
403696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 13:44:20 GMT
klm.svg
offers.klm.com/assets/images/logos/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/logos/klm.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
79e4cec44a386f24ef087a466f33d6d81b06a5a9f72494c0d8f8c2acbb06bac2
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2844
X-XSS-Protection
1; mode=block
56498f25-ac78-4498-9f61-6acb256c4d22.jpg
storage.googleapis.com/mcp_275campaigndesigner2/uploads/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/mcp_275campaigndesigner2/uploads/images/56498f25-ac78-4498-9f61-6acb256c4d22.jpg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cf5b57967bc4edbd726b9690869f3c49b5785052ca35b96e1977568df145ece9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 05:13:07 GMT
age
2369
x-guploader-uploadid
ADPycds87LmImdSsl6hsWj2G3jKuGrA-aJgvfAnDRaiHrSyMOoqsag22yqxJBTTGBAfLCj3xPI63jGJMb8xhz6jj8HTFgw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40072
x-goog-meta-cachecontrol
Cache-Control: public, max-age=10
last-modified
Fri, 23 Sep 2022 14:08:48 GMT
server
UploadServer
etag
"582f33b4ddf4e2abae8702229844683c"
x-goog-hash
crc32c=OQDcwA==, md5=WC8ztN304quuhwIimERoPA==
x-goog-generation
1663942128229541
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
40072
accept-ranges
bytes
expires
Wed, 02 Nov 2022 06:13:07 GMT
caret-down-white.svg
offers.klm.com/assets/images/icons/ 		196 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/caret-down-white.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae765c20900795fa176a45d53d503c857a1b4d84e4e349d5bffc356232d5d426
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
196
X-XSS-Protection
1; mode=block
caret-down-deepblue.svg
offers.klm.com/assets/images/icons/ 		197 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offers.klm.com/assets/images/icons/caret-down-deepblue.svg
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/static/css/main.c1e4425e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.128.63 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-128-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a928f370f800b86d9f8f2f1fc2520e1301a6b1a2bb07fd6bd346b48e2c309124
Security Headers
Name Value
Strict-Transport-Security max-age=31622400, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers.klm.com/static/css/main.c1e4425e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31622400, max-age=31536000
Date
Wed, 02 Nov 2022 05:52:36 GMT
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 26 Oct 2022 08:44:47 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
197
X-XSS-Protection
1; mode=block
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.klm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 12:56:05 GMT
x-content-type-options
nosniff
age
147391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:56:05 GMT
52de81d4-2788-485b-a72a-329048196767Sunrisedealsvideosmaller3.mp4
storage.googleapis.com/mcp_275campaigndesigner2/uploads/files/ 		14 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/mcp_275campaigndesigner2/uploads/files/52de81d4-2788-485b-a72a-329048196767Sunrisedealsvideosmaller3.mp4
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Nov 2022 05:52:36 GMT
x-guploader-uploadid
ADPycduhdxigHPpkhOFoK585EOu5ES9d8ybulzMLBmWOL5Y0E4qXG1Pk_vd-8XN8cuNnM-NtU2w-trP0_gNAD-Ou7-Y7YRzvsx4M
x-goog-storage-class
STANDARD
Content-Range
bytes 0-19117611/19117612
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
19117612
x-goog-meta-cachecontrol
Cache-Control: public, max-age=10
last-modified
Mon, 19 Sep 2022 10:04:10 GMT
server
UploadServer
etag
"87b25ad129c7d8989bd9e04021a23634"
x-goog-generation
1663581850747088
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=6qGCxw==, md5=h7Ja0SnH2Jib2eBAIaI2NA==
cache-control
public, max-age=3600
x-goog-stored-content-length
19117612
accept-ranges
bytes
expires
Wed, 02 Nov 2022 06:52:36 GMT
prod
tdn.r42tag.com/tags-135/ 		157 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tdn.r42tag.com/tags-135/prod?s=external%7Cpromotions%7Cpromotions%20homepage&p=country%3ADE&p=language%3ADE&p=z_country%3ADE&p=z_language%3ADE&p=application%3Apromotions&p=host%3AKL&p=cg_n%3Aexternal&p=cg_s%3Apromotions%20homepage&p=datasourceid%3A&p=ti%3Aotspromotions%20homepage&p=ti1%3APromo&p=ti2%3Apromotions&p=ti3%3Apromotions&p=z_experiment_group%3A&u=https%3A%2F%2Foffers.klm.com%2Fde_de%3FWT.mc_id%3DL_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null%26WT.tsrc%3DLocalChannel&r=&cb=1667368356278
Requested by
Host: tdn.r42tag.com
URL: https://tdn.r42tag.com/lib/135-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
29d8e363b612d01045f85987c6def3ccad8e02f12716fb2309ec6bcc9d5c48ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Nov 2022 05:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer
via
1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server
nginx
x-backend
tdn-ea8531f2
x-amz-cf-pop
DUS51-P1
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0
x-amz-cf-id
hg-xdefx-yJ2u-x4DQHmB_m0jL10AVg9w4IWlpq8IJU2F5KTFOiMNQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-banner.js
www.static-kl.com/assets/cookie-banner/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.static-kl.com/assets/cookie-banner/cookie-banner.js
Requested by
Host: tdn.r42tag.com
URL: https://tdn.r42tag.com/lib/135-v1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
610678727b4e81e89e5d243c998206b8b85ccf9804cbaafcc251f1c5a5c71c0b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 02 Nov 2022 05:52:36 GMT
x-backend
f3b2e901adcad9edd43c761aae90af95407ecc2a99ba84e95aeb632f7e81f6af
content-length
7275
x-request-id
Y1pB43LwiewcMJ2IbyB5HwAAAbE
last-modified
Wed, 26 Oct 2022 10:12:30 GMT
etag
"6359080e-418c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=728
vary
Accept-Encoding
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Wed, 02 Nov 2022 06:04:44 GMT
7375-a2e10cd08d25d3ced4b1-cookie-banner.js
www.static-kl.com/assets/cookie-banner/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.static-kl.com/assets/cookie-banner/7375-a2e10cd08d25d3ced4b1-cookie-banner.js
Requested by
Host: www.static-kl.com
URL: https://www.static-kl.com/assets/cookie-banner/cookie-banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a242e0df8e1363c3a266bff2fa7121fbedc7f5260fcaae0f146ee0f1dbd5feb1
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 02 Nov 2022 05:52:36 GMT
x-backend
f3b2e901adcad9edd43c761aae90af95407ecc2a99ba84e95aeb632f7e81f6af
content-length
5940
x-request-id
Y1pB9Brp0s0jsnxAtGno2AAAAvo
last-modified
Wed, 26 Oct 2022 10:12:30 GMT
etag
"6359080e-40ea"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=96046
vary
Accept-Encoding
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 03 Nov 2022 08:33:22 GMT
5247-a2e10cd08d25d3ced4b1-cookie-banner.js
www.static-kl.com/assets/cookie-banner/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.static-kl.com/assets/cookie-banner/5247-a2e10cd08d25d3ced4b1-cookie-banner.js
Requested by
Host: www.static-kl.com
URL: https://www.static-kl.com/assets/cookie-banner/cookie-banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4225b9dfbb2bdf604cdb7a943414703ad89370c1dc7faf0862755311ec0750b0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 02 Nov 2022 05:52:36 GMT
x-backend
f3b2e901adcad9edd43c761aae90af95407ecc2a99ba84e95aeb632f7e81f6af
content-length
1978
x-request-id
Y1pB94aJuCRScIvb5ynMywAAAqY
last-modified
Wed, 26 Oct 2022 10:12:30 GMT
etag
"6359080e-14ea"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=95914
vary
Accept-Encoding
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 03 Nov 2022 08:31:10 GMT
stats
tdn.r42tag.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tdn.r42tag.com/stats?siteId=135&counterId=11&cb=1667368356475
Requested by
Host: offers.klm.com
URL: https://offers.klm.com/de_de?WT.mc_id=L_DE_LocalChannel_ADROM_PromotionOCT2022_SunriseDeals_earlybird_null&WT.tsrc=LocalChannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 05:52:36 GMT
via
1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
no-referrer
x-backend
tdn-6b7add45
server
nginx
x-amz-cf-pop
DUS51-P1
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-length
35
x-amz-cf-id
8pJdjgZPfWGb824fFaSB47Db6rPNT8YZzxNOtVk9ELVZ0XdZvFyjkg==

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| _st object| tc_vars object| appData function| BWCookieSdk function| setImmediate function| clearImmediate object| regeneratorRuntime object| _stq object| _stTracker object| DAS object| Sha256 object| ignore_domains object| webpackJsonpCookieBanner object| BWCookieBanner

2 Cookies

Domain/Path Name / Value
.klmf.ly/ Name: _bit
Value: ma25Qz-31236674e6486ab3a2-007
.klm.com/ Name: _svs
Value: %7B%22m%22%3A%7B%22landing%22%3A%7B%22prospecting%22%3A1669960356412%7D%2C%22trafficsource%22%3A%7B%22localchannel%22%3A1669960356413%7D%7D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31622400 max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cv.fly24.com
fonts.googleapis.com
fonts.gstatic.com
klmf.ly
offers.klm.com
storage.googleapis.com
tdn.r42tag.com
www.static-kl.com
18.66.248.17
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::2010
2a00:1450:4001:828::2003
2a02:26f0:6c00::210:baf1
35.156.45.6
67.199.248.12
96.16.128.63
0bd89fac1d10da647d4b9047afbf8de2f3b60568d9b39fa250b39d95bc20526a
0fc285d8bc5666e51c6852ca05e4b4bbd572c1a19b47fda6b70c21582d5121f2
29d8e363b612d01045f85987c6def3ccad8e02f12716fb2309ec6bcc9d5c48ad
2f5fed288745012a3c6dff7f777e70e783c78f150cee7ed158828b9e9fd11cb8
4225b9dfbb2bdf604cdb7a943414703ad89370c1dc7faf0862755311ec0750b0
42c834092b726ac58ed9da7896ef98b630e1a91fe60f0c12c04cb4fefe2e1d32
60381e5b9f67d5dc9c07b89e98178071ec82ab0bcae29228cebfe5367280b29f
610678727b4e81e89e5d243c998206b8b85ccf9804cbaafcc251f1c5a5c71c0b
650839b40b06bd7576aa03be0ac77accca63c177a20087841281ffe2a3675622
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
70705ae25032a57c6b65f14afc70b9c412df4e6d289576092bf26e2dee863dfa
79e4cec44a386f24ef087a466f33d6d81b06a5a9f72494c0d8f8c2acbb06bac2
7d22ac76fa00f0873847304f85d2eb7d0ef26dccab4f46586ab0ed086446a6ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
976ee353c3591c9ecd2c4041395516358cf94aa6259866978d34150405a06867
99da6ca233f4a393cb33e41410499daaca378ee67b10d377c4ab8e26faad5427
a242e0df8e1363c3a266bff2fa7121fbedc7f5260fcaae0f146ee0f1dbd5feb1
a482b20992935069c2ffd30ab86b9c2189f8eb67142f33bf5812bf5db22cd5e7
a7a5b583e3c16c9f10b101fc60d954f01ce2a8b21d003dbae67d4fda122bac4e
a928f370f800b86d9f8f2f1fc2520e1301a6b1a2bb07fd6bd346b48e2c309124
ae765c20900795fa176a45d53d503c857a1b4d84e4e349d5bffc356232d5d426
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b22e304f6a8a903373e0a2d6a031e5dbcbf38f787f8b7e1b20085b9431babda0
c20b31bdaafb6edc0e5d7e7bb8086ee1b381a05837f01ddfb49cbf7dd2bb0c24
c82ec8d73d8268680b25f8b3bd00a651bf4c5353ffbc131259236447f620ef5a
cf5b57967bc4edbd726b9690869f3c49b5785052ca35b96e1977568df145ece9
d7c13fea25e2a3ef220dc104f7ad6c51864702d6fd34a1f162af9b68d6e2d4e3
e42b2701c93e405f51ec8e02ded6f4e063593223640ae292d638640d163c4bd1
e687cd5a7ba4693ccab4786bd5590373900f5e45e77a617e9b059c4cdb2a3ed1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd6752524a6ca920a7efaba993f1b99fa297eae512554766d270cbddaf8f0d59