www.garuda-indonesia.com Open in urlscan Pro
2606:4700::6812:ac0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u14189904.ct.sendgrid.net/ls/click?upn=dAUPm36d30ZSS8ctpTykwtDK5Uujy-2BDYbPBr7ySRVXhqK1Lc3QuVpblS-2FYjQXG6aEZ8mBOkrLEk9GLg...
Effective URL:
https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltC...
Submission: On October 03 via api (October 3rd 2022, 5:13:49 am UTC) from US — Scanned from DE

Summary HTTP 181 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 24 domains to perform 181 HTTP transactions. The main IP is 2606:4700::6812:ac0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.garuda-indonesia.com. The Cisco Umbrella rank of the primary domain is 333714.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on August 18th 2022. Valid for: a year.

This is the only time www.garuda-indonesia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID)
41	2606:4700::68... 2606:4700::6812:ac0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
11	104.16.105.108 104.16.105.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	34.200.208.201 34.200.208.201	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	191.237.222.171 191.237.222.171	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400e:801::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:800:b:2370:c500:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:7::... 2606:4700:7::a29f:853d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.19.234.130 52.19.234.130	16509 (AMAZON-02) (AMAZON-02)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
12	108.138.7.22 108.138.7.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	143.204.89.24 143.204.89.24	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.229.87.250 44.229.87.250	16509 (AMAZON-02) (AMAZON-02)
181	31

1 167.89.123.16 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u14189904.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700::6812:ac0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.garuda-indonesia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.16.105.108 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

secure.rentalcars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.200.208.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-208-201.compute-1.amazonaws.com

upgrade.plusgrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 191.237.222.171 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

widget.api.traveldoc.aero	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

8543057.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:800:b:2370:c500:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1adj61x0fgvmc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)

garuda.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eitri.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.234.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-234-130.eu-west-1.compute.amazonaws.com

track.omguk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

id-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 108.138.7.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-22.fra56.r.cloudfront.net

upgrade-cdn-prd.plusgrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.89.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-24.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.229.87.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-87-250.us-west-2.compute.amazonaws.com

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	garuda-indonesia.com www.garuda-indonesia.com — Cisco Umbrella Rank: 333714	3 MB
24	plusgrade.com upgrade.plusgrade.com — Cisco Umbrella Rank: 136101 upgrade-cdn-prd.plusgrade.com — Cisco Umbrella Rank: 146510	852 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
13	useinsider.com garuda.api.useinsider.com — Cisco Umbrella Rank: 778924 segment.api.useinsider.com — Cisco Umbrella Rank: 21343 location.api.useinsider.com — Cisco Umbrella Rank: 22026 log.api.useinsider.com — Cisco Umbrella Rank: 15057 hit.api.useinsider.com — Cisco Umbrella Rank: 17835 assets.api.useinsider.com — Cisco Umbrella Rank: 29511 eitri.api.useinsider.com — Cisco Umbrella Rank: 28206	126 KB
12	google.com 2 redirects apis.google.com — Cisco Umbrella Rank: 109 accounts.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 76	71 KB
11	rentalcars.com secure.rentalcars.com — Cisco Umbrella Rank: 180379	141 KB
10	recaptcha.net recaptcha.net — Cisco Umbrella Rank: 1901	72 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 8543057.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	23 KB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	36 KB
6	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 743	429 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6301	866 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	39 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	201 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	48 KB
3	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3146	44 KB
3	traveldoc.aero widget.api.traveldoc.aero — Cisco Umbrella Rank: 688709	65 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	250 KB
1	eum-appdynamics.com col.eum-appdynamics.com — Cisco Umbrella Rank: 2174	721 B
1	mookie1.com id-gmtdmp.mookie1.com — Cisco Umbrella Rank: 230733	641 B
1	omguk.com track.omguk.com — Cisco Umbrella Rank: 35342	560 B
1	cloudfront.net d1adj61x0fgvmc.cloudfront.net	352 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1029	5 KB
1	sendgrid.net 1 redirects u14189904.ct.sendgrid.net	445 B
181	24

	Domain	Requested by
41	www.garuda-indonesia.com	www.garuda-indonesia.com static.cloudflareinsights.com
15	www.gstatic.com	recaptcha.net accounts.google.com www.gstatic.com
12	upgrade-cdn-prd.plusgrade.com	upgrade.plusgrade.com upgrade-cdn-prd.plusgrade.com
12	upgrade.plusgrade.com	www.garuda-indonesia.com upgrade-cdn-prd.plusgrade.com
11	secure.rentalcars.com	www.garuda-indonesia.com secure.rentalcars.com
10	recaptcha.net	www.garuda-indonesia.com www.gstatic.com recaptcha.net
9	www.facebook.com	connect.facebook.net www.garuda-indonesia.com
6	static.xx.fbcdn.net	www.facebook.com
6	www.google.de	www.garuda-indonesia.com
6	www.google.com	2 redirects www.garuda-indonesia.com
5	log.api.useinsider.com	www.garuda-indonesia.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.garuda-indonesia.com
5	connect.facebook.net	www.garuda-indonesia.com connect.facebook.net
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
4	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	cdn.appdynamics.com	www.googletagmanager.com cdn.appdynamics.com
3	stats.g.doubleclick.net	1 redirects www.garuda-indonesia.com www.google-analytics.com
3	widget.api.traveldoc.aero	www.garuda-indonesia.com widget.api.traveldoc.aero
3	accounts.google.com	apis.google.com www.garuda-indonesia.com www.gstatic.com
3	www.googletagmanager.com	www.garuda-indonesia.com secure.rentalcars.com
2	hit.api.useinsider.com	garuda.api.useinsider.com
2	garuda.api.useinsider.com	www.googletagmanager.com garuda.api.useinsider.com
2	8543057.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	apis.google.com	www.garuda-indonesia.com apis.google.com
1	col.eum-appdynamics.com	cdn.appdynamics.com
1	eitri.api.useinsider.com	garuda.api.useinsider.com
1	assets.api.useinsider.com	garuda.api.useinsider.com
1	location.api.useinsider.com	garuda.api.useinsider.com
1	segment.api.useinsider.com	garuda.api.useinsider.com
1	fonts.gstatic.com	recaptcha.net
1	adservice.google.com	8543057.fls.doubleclick.net
1	id-gmtdmp.mookie1.com	www.garuda-indonesia.com
1	track.omguk.com	www.garuda-indonesia.com
1	d1adj61x0fgvmc.cloudfront.net	www.garuda-indonesia.com
1	fonts.googleapis.com	secure.rentalcars.com
1	static.cloudflareinsights.com	www.garuda-indonesia.com
1	u14189904.ct.sendgrid.net	1 redirects
181	37

This site contains links to these domains. Also see Links.

Domain
www.railink.co.id
garudashop.garuda-indonesia.com
www.skyteam.com
voucher.garuda-indonesia.com
sp.booking.com
www.traveldoc.aero
www.worldtracer.aero
eproc.garuda-indonesia.com
paskahomologasi.garuda-indonesia.com
career.garuda-indonesia.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.garuda-indonesia.com GeoTrust EV RSA CA 2018	`2022-08-18` - `2023-08-23`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
secure.rentalcars.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-11-12`	a year	crt.sh
*.plusgrade.com Amazon	`2022-02-19` - `2023-03-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.api.traveldoc.aero Go Daddy Secure Certificate Authority - G2	`2022-01-09` - `2023-01-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2022-02-22` - `2023-02-21`	a year	crt.sh
*.omguk.com Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-22`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-07-15`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Frame ID: 0E9197D60BF90CCE89AC5F791DF79660
Requests: 103 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 7AF398E9C107239DDA04644340F61F23
Requests: 4 HTTP requests in this frame

Frame: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Frame ID: 8AF4811A8C4CE98EAC55088BEC9634DC
Requests: 14 HTTP requests in this frame

Frame: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Frame ID: 627E294B78C34AB4EE83C3A51CB2A638
Requests: 12 HTTP requests in this frame

Frame: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Frame ID: 4C288930DDA567827101A8F8EE606989
Requests: 3 HTTP requests in this frame

Frame: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Frame ID: 8B9A87B4D70CA7D1F5EE07A4A5F9AA51
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9ea488a5afb6c%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=
Frame ID: 1CE98B0E2661726EFFE05AE341872548
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2cc3f61fd17324%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=
Frame ID: F7177CCBEE52FE6A3F064B3A620D6D94
Requests: 3 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=qoyc55e90d6x
Frame ID: 37E093100E200C69A54B1CEA15A55461
Requests: 4 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=sv5h2fjfaqck
Frame ID: B9D04C04FB39D5C8FD3A5F3402CFDFD2
Requests: 8 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=75ia5mka7pn
Frame ID: AC0A44157A03BD649B01D6FBB8A038A0
Requests: 4 HTTP requests in this frame

Frame: https://8543057.fls.doubleclick.net/activityi;dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D
Frame ID: 04AD2171CB8BB83347EC544351400801
Requests: 2 HTTP requests in this frame

Frame: https://garuda.api.useinsider.com/worker-new.html
Frame ID: 3DFC5D8657D4FAB90DAE53715B9982AB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23dd040e5f84ec%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=45&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=
Frame ID: 59A8F9FA99735916DBBFE4633FB88564
Requests: 3 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo
Frame ID: 71B377F646D4FA8732DBA1A3BA98C2FA
Requests: 3 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo
Frame ID: AE616D04FC2A06415AC22FFCC03935C3
Requests: 3 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo
Frame ID: 44DDA7A54A7AE2E590E16BF5033D28C8
Requests: 3 HTTP requests in this frame

Frame: https://cdn.appdynamics.com/adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html
Frame ID: E2E5698C736F53BCF12FAAC6C317515A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GARUDA INDONESIA TRAVEL VOUCHER - Garuda Indonesia

Page URL History Show full URLs

https://u14189904.ct.sendgrid.net/ls/click?upn=dAUPm36d30ZSS8ctpTykwtDK5Uujy-2BDYbPBr7ySRVXhqK1Lc3QuVpblS-2FYj... HTTP 302
https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNlt... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

Optimise (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

track\.omguk\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

181
Requests

99 %
HTTPS

65 %
IPv6

24
Domains

37
Subdomains

31
IPs

5
Countries

6470 kB
Transfer

13872 kB
Size

27
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.railink.co.id/
Title: Airport Train Ticket

Search URL Search Domain Scan URL

URL: https://garudashop.garuda-indonesia.com/

Search URL Search Domain Scan URL

URL: http://www.skyteam.com/

Search URL Search Domain Scan URL

URL: https://voucher.garuda-indonesia.com/
Title: Order Now!

Search URL Search Domain Scan URL

URL: https://sp.booking.com/index.html?aid=2127874
Title: Book Hotel

Search URL Search Domain Scan URL

URL: https://www.traveldoc.aero/
Title: Powered By

Search URL Search Domain Scan URL

URL: http://www.worldtracer.aero/filedsp/ga.htm
Title: Travel Voucher

Search URL Search Domain Scan URL

URL: https://eproc.garuda-indonesia.com/
Title: Procurement Online

Search URL Search Domain Scan URL

URL: https://paskahomologasi.garuda-indonesia.com/
Title: Post Homologation

Search URL Search Domain Scan URL

URL: http://career.garuda-indonesia.com/
Title: Career

Search URL Search Domain Scan URL

URL: https://www.facebook.com/garudaindonesia/

Search URL Search Domain Scan URL

URL: https://twitter.com/IndonesiaGaruda

Search URL Search Domain Scan URL

URL: https://www.instagram.com/garuda.indonesia/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GarudaIndonesia1949

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/id/app/garuda-indonesia-mobile/id961859722?mt=8&at=&ct=&ign-mpt=uo%3D6

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ursabyte.garudaindonesiaairlines&hl=en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u14189904.ct.sendgrid.net/ls/click?upn=dAUPm36d30ZSS8ctpTykwtDK5Uujy-2BDYbPBr7ySRVXhqK1Lc3QuVpblS-2FYjQXG6aEZ8mBOkrLEk9GLgGK60mSjQZbxSsviFZJ2ar-2B7zudCzbpN8B8d5SED1uhxigtErEwq8qNQjbpo0n-2FzBaOg4orcaR8ifQQIhtl-2FWMJpK5jQ55yqhxWkhTp9MBhG-2BoF5F685gUn7GtQs-2FywFGqk8yU5hk-2BLRv6XZ8xM65aKMO-2FDI328AnGeDweP8jK9a9MQyu-2FGe2EebB67W9W1nO1WToDXmGCtzXJY-2FyB59xI95nzlveHM6Kv2L9QJ0M88KobSCahgm7VPGHbMd3uqB4qOM3vVw-3D-3DBf2C_RSarYHuR1TFTboLaUqY9qP45x1aESfdhQuaoEdtrW-2F3-2BkQz5beR35-2Bh2l-2Bct3BNCMzZnkfIwGpUzAA-2B971eBCnay-2Biqwr1FwmfSazuUowH8Qhu2z6uZycbe6uqoPzVhcdOvv665Q5j3Nm6LAwHEqlY-2B6JvVPcB3srdwR5Aggsf-2BfQKMocBu4D27c4NZeUUdeiJKCJbxAQQ5gtt7JVyOVrFyqYDKARP16NjFPa1zluLzUSwCSQHGEOqMY-2FuMhlY8whzIVY-2FebuUfo-2Bkpd5MwtdhLIqeZ2Q7-2B2D85EE96mqWQ-2FIwl6cAs5BqtYYngfG0K9DlIhi8ww7O50BQ7SK6FrlEh9uKs50VzYuM6P5ZN5G2ukHQG-2BVkqmNqaXbKRCown3-2FUK89kusp7DMYEjMXx7BDYJXTPCRjgqftL15AOj6llik-2FYOsNRQXl6hEhrClyc0xJsAjd3GdB1gIX9OGLrNIQwwQUJHGzRM0YPJ1AOhICWc0Q2fdp-2FULd-2BVNHCYz7KhBNw-2Fi97IKH-2BQsFDngOtHAkYbdzqFRyM6Yljk9yaNNydRxRVYC6Z-2B07EX5LpshfLh6j8O6ABafUE7ZA5RVUVIJoCtCaYpH1IArA3FPs9JAGl6Vyy2QUXLVHAeyka79fB80luX2Tb-2BCQ4T-2B9dXeKRxGJEGzjwoPCKU4CbeDtLBo-2BycJV7PTGcLvxMPq6NlDiggtXNq0dUmLLs0iXiE7oavzGGiJyToyJgSeVIanS1xJe-2FAzoqvpTCCE2VpLObzb-2BqSJ0VEciJg7t7gI-2FcLDjxI5DLBuudrnswNI5puasZZTqs0X2rcF10CRcc0RNyBJqg5A HTTP 302
https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://8543057.fls.doubleclick.net/activityi;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D HTTP 302
https://8543057.fls.doubleclick.net/activityi;dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D

Request Chain 119

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=587180252&utmhn=www.garuda-indonesia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&utmhid=1418630142&utmr=-&utmp=%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D%3F%26URL%3Dwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%26wt_market%3DID%26wt_language%3DEN%26wt_device%3DDESKTOP&utmht=1664774023805&utmac=UA-41803108-2&utmcc=__utma%3D46826104.1430314282.1664774024.1664774024.1664774024.1%3B%2B__utmz%3D46826104.1664774024.1.1.utmcsr%3Demail%7Cutmccn%3DHUT_Mandiri24%7Cutmcmd%3Demail%7Cutmcct%3Den_01oct%3B&utmjid=1330955634&utmredir=3&utmu=qhAAAAAACAAAAAAAAgABAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1430314282.1664774024&jid=1330955634&_v=5.7.2dc&z=587180252 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1430314282.1664774024&jid=1330955634&_v=5.7.2dc&z=587180252&slf_rd=1&random=4230654715

Request Chain 141

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/399566689/?random=730211253&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&auid=2209582.1664774023&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=h286Y9PMLfqG9fgPs7GP4As&sscte=1&crd=CJqqsQI&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTOmTXwSkEOi2M9K2_xNBVVnLErZ2xVSB1A&pscrd=EktDaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUklqQUhncS1hcWNjSUhaS1lpcEZQaDA2aHEybExsaVY4WmwxZXlMU2pDdTVnZ0FYNVEaVkNoRUk4TzNrbVFZUV81R183dkdkelliQUFSSXJBRG1LQ2phRlFoZkRQYVBlU2RQVnVjdHdSMERrYlNKZW8ySW1GMmFtek1INFNaa0xFOW1lclE5QmR3 HTTP 302
https://www.google.com/pagead/1p-conversion/399566689/?random=730211253&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&auid=2209582.1664774023&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=EktDaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUklqQUhncS1hcWNjSUhaS1lpcEZQaDA2aHEybExsaVY4WmwxZXlMU2pDdTVnZ0FYNVEaVkNoRUk4TzNrbVFZUV81R183dkdkelliQUFSSXJBRG1LQ2phRlFoZkRQYVBlU2RQVnVjdHdSMERrYlNKZW8ySW1GMmFtek1INFNaa0xFOW1lclE5QmR3&is_vtc=1&ocp_id=h286Y9PMLfqG9fgPs7GP4As&cid=CAQSKQCsnQUxMVy7MvqV4M6Ylb_gZ0AMv2RmChkexzNWWwb10TA8o2xU7XJxIBM&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTArto7EHmJ9HfecYO8KA6DiXslvH6qKzkQ&random=2175896330&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/399566689/?random=730211253&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&auid=2209582.1664774023&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=EktDaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUklqQUhncS1hcWNjSUhaS1lpcEZQaDA2aHEybExsaVY4WmwxZXlMU2pDdTVnZ0FYNVEaVkNoRUk4TzNrbVFZUV81R183dkdkelliQUFSSXJBRG1LQ2phRlFoZkRQYVBlU2RQVnVjdHdSMERrYlNKZW8ySW1GMmFtek1INFNaa0xFOW1lclE5QmR3&is_vtc=1&ocp_id=h286Y9PMLfqG9fgPs7GP4As&cid=CAQSKQCsnQUxMVy7MvqV4M6Ylb_gZ0AMv2RmChkexzNWWwb10TA8o2xU7XJxIBM&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTArto7EHmJ9HfecYO8KA6DiXslvH6qKzkQ&random=2175896330&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDKKbZCZuGE7tzkbUv8XRU7dtbFqGpHAoWe9NULqtiksuyA4klkt8k2-8biiyxYqsIfBdMhgvsZ8gnTDJyUeNQi

181 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request travel-voucher Show response
www.garuda-indonesia.com/id/en/special-offers/sales-promotion/
Redirect Chain

https://u14189904.ct.sendgrid.net/ls/click?upn=dAUPm36d30ZSS8ctpTykwtDK5Uujy-2BDYbPBr7ySRVXhqK1Lc3QuVpblS-2FYjQXG6aEZ8mBOkrLEk9GLgGK60mSjQZbxSsviFZJ2ar-2B7zudCzbpN8B8d5SED1uhxigtErEwq8qNQjbpo0n-2Fz...
https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=emai...

590 KB
80 KB

810ms
767ms

Document
text/html

2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42ce80bb624d65ffa4a22816d53aaba30b207fd7cf4aeb7c1cb105e5bfe4aa93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=3600
cf-cache-status: MISS
cf-ray: 754330a3bba0bbb3-FRA
content-disposition: inline
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 03 Oct 2022 05:13:42 GMT
expires: Mon, 03 Oct 2022 06:13:42 GMT
last-modified: Mon, 03 Oct 2022 05:13:42 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 296
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Oct 2022 05:13:41 GMT
Location: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 api.js Show response
recaptcha.net/recaptcha/ 909 B
991 B 79ms
29ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0078a00437cee42f772ddbc087f1c3a7e1bca2310e1a64c26bdb9f21b27c932

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 05:13:42 GMT

GET
H2 200 clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
www.garuda-indonesia.com/etc/designs/garuda/ 634 KB
221 KB 44ms
37ms Stylesheet
text/css 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65440f24f26abf351390af6c013c889e4a071ac973d450c57d697a856a0b88a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 05:05:01 GMT
server: cloudflare
age: 346121
cf-polished: status=cannot_optimize
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: public, max-age=604800
cf-ray: 754330a8abd5bbb3-FRA
expires: Mon, 10 Oct 2022 05:13:42 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/ 91 KB
33 KB 42ms
35ms Script
application/javascript 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 28 Sep 2022 20:08:08 GMT
server: cloudflare
age: 378334
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
content-disposition: attachment
cf-ray: 754330a8abd8bbb3-FRA
expires: Mon, 10 Oct 2022 05:13:42 GMT

GET
H2 200 jquery.newsTicker.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/news_ticker/ 4 KB
1 KB 41ms
35ms Script
application/javascript 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/news_ticker/jquery.newsTicker.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d82d9748622d550e9448cc827d5c0159dd095b969ae9f2df03b84cf20e65fa4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 346121
cf-polished: origSize=12510
content-disposition: attachment
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 05:05:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 754330a8abdabbb3-FRA
expires: Mon, 10 Oct 2022 05:13:42 GMT

GET
H2 200 bootstrap-select.min.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/ 33 KB
10 KB 37ms
32ms Script
application/javascript 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/bootstrap-select.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 05:05:01 GMT
server: cloudflare
age: 346121
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
content-disposition: attachment
cf-ray: 754330a8abdbbbb3-FRA
expires: Mon, 10 Oct 2022 05:13:42 GMT

GET
H2 200 AjaxRequest.class.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/ 4 KB
2 KB 38ms
33ms Script
application/javascript 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/AjaxRequest.class.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c5be853e53cda97ca5467eef81b15470643d84a5b79f293ab130ea0f735ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 236620
cf-polished: origSize=14735
content-disposition: attachment
cf-bgj: minify
last-modified: Fri, 30 Sep 2022 11:30:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 754330a8abdcbbb3-FRA
expires: Mon, 10 Oct 2022 05:13:42 GMT

GET
H2 200 jquery.validate.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/membership/ 26 KB
7 KB 38ms
34ms Script
application/javascript 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/membership/jquery.validate.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bca31dd337180c989c0af8bd301323411041faf620326d8ddd9505bd4574f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 308844
cf-polished: origSize=40182
content-disposition: attachment
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 15:26:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 754330a8abddbbb3-FRA
expires: Mon, 10 Oct 2022 05:13:42 GMT

GET
H2 200 clientlib-all.min.38b7a6fba6d39553394c66cfcabcd7b7.js Show response
www.garuda-indonesia.com/etc/designs/garuda/ 909 KB
231 KB 62ms
59ms Script
application/javascript 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.38b7a6fba6d39553394c66cfcabcd7b7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f914e2dd08ab144b439ac851962f79c84eda996f2bcfa9e92df03d425875856b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 28 Sep 2022 20:29:19 GMT
server: cloudflare
age: 377063
cf-polished: origSize=1127334
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=604800
cf-ray: 754330a8abdfbbb3-FRA
expires: Mon, 10 Oct 2022 05:13:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 150ms
62ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-681405943

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c2024815992a351f6a71d22550e5b636b739a77085862568d8d21cc610b5b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46814
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 05:13:42 GMT

GET
H2 200 tanpa-pesawat.png
www.garuda-indonesia.com/content/dam/garuda/loader/ 2 KB
2 KB 38ms
37ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/loader/tanpa-pesawat.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b3c698921474308b46d25f4ae5597d05e81bdd853353785690c6e9823aebf71

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
cf-cache-status: HIT
age: 237614
cf-polished: origFmt=png, origSize=7502
content-disposition: inline; filename="tanpa-pesawat.webp"
content-length: 1844
cf-bgj: imgq:85,h2pri
last-modified: Fri, 30 Sep 2022 11:13:28 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330a95cfdbbb3-FRA
expires: Thu, 03 Nov 2022 05:13:42 GMT

GET
H2 200 pesawat.png
www.garuda-indonesia.com/content/dam/garuda/loader/ 1 KB
1 KB 34ms
32ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/loader/pesawat.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca56b2d38c8d7cecc5b20d0ddb9c4d69e05488da0206fcc59f54710d5f8d6bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
cf-cache-status: HIT
age: 511519
cf-polished: origFmt=png, origSize=6593
content-disposition: inline; filename="pesawat.webp"
content-length: 1088
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 07:08:23 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330a9ee01bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:42 GMT

GET
H2 200 logo-loader.png
www.garuda-indonesia.com/content/dam/garuda/loader/ 4 KB
4 KB 36ms
35ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/loader/logo-loader.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3152618b9e2928faf063b4c95beb16abe4ba7bd2217f692b385cb2b1b2c77427

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
cf-cache-status: HIT
age: 429699
cf-polished: origFmt=png, origSize=5741
content-disposition: inline; filename="logo-loader.webp"
content-length: 4192
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Sep 2022 05:52:03 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330a9ee03bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:42 GMT

GET
H2 200 floating-mandiri24-en.JPG
www.garuda-indonesia.com/content/dam/garuda/floating-banner/ 11 KB
11 KB 31ms
30ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/floating-banner/floating-mandiri24-en.JPG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3225c62f78158e1b20d6913eda44028d006dc1d33b61c52d4909b644dec0911

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
cf-cache-status: HIT
age: 55789
cf-polished: qual=85, origFmt=jpeg, origSize=26985
content-disposition: inline; filename="floating-mandiri24-en.webp"
content-length: 11552
cf-bgj: imgq:85,h2pri
last-modified: Sun, 02 Oct 2022 13:43:53 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 754330a9ee04bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 74ms
27ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:13:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "95a07626e083cec6"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:13:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 65ms
22ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f182c5d893cce5021d158f007f1346298f950e8412b203c230d9c8f6f142bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.garuda-indonesia.com/
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:13:42 GMT
content-md5: 8Fs8jbnAkUMzonZFYrj2Aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: nvyEi0LhdUm+41vleF9pw3hNHYTO+7aUxAO5PqI1P9cy9jIdFx5iaJFrsl0A3k+fPhO74Vc38uktBzvNFO+h8g==
x-fb-trip-id: 917726464
x-fb-content-md5: 6157eb30008f6f9650e0c1ee13f380e6
cross-origin-opener-policy: same-origin-allow-popups
etag: "695357849fdbf8a3239a1d03fddd18ea"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:23:04 GMT

GET
H2 200 logoGmiles-2x.png
www.garuda-indonesia.com/content/dam/garuda/logo/ 3 KB
3 KB 40ms
39ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/logo/logoGmiles-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

941062375e5ec293a6471bad5709e6b5fc3650a924337e990f293868795eb592

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
cf-cache-status: HIT
age: 326885
cf-polished: origFmt=png, origSize=5908
content-disposition: inline; filename="logoGmiles-2x.webp"
content-length: 2828
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 10:25:37 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330a9ee05bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:42 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 392 KB
157 KB 125ms
34ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 404 Poppins-Regular.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 31ms
31ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.woff2

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 334489
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330a99d71bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 404 Poppins-Regular.woff
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 32ms
32ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.woff

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 319774
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330a9ee06bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 60ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f182c5d893cce5021d158f007f1346298f950e8412b203c230d9c8f6f142bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:13:42 GMT
content-md5: 8Fs8jbnAkUMzonZFYrj2Aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: nvyEi0LhdUm+41vleF9pw3hNHYTO+7aUxAO5PqI1P9cy9jIdFx5iaJFrsl0A3k+fPhO74Vc38uktBzvNFO+h8g==
x-fb-trip-id: 917726464
x-fb-content-md5: 6157eb30008f6f9650e0c1ee13f380e6
cross-origin-opener-policy: same-origin-allow-popups
etag: "695357849fdbf8a3239a1d03fddd18ea"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:23:04 GMT

GET
H2 200 gshop_logo.png
www.garuda-indonesia.com/content/dam/garuda/logo/ 3 KB
3 KB 35ms
35ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/logo/gshop_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a946a08f157a09df1f78099b80821d3a5c7967d5c824d6ed8f8e78ed7d354a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
cf-cache-status: HIT
age: 411270
cf-polished: origFmt=png, origSize=9540
content-disposition: inline; filename="gshop_logo.webp"
content-length: 2978
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Sep 2022 10:59:12 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330a9fe10bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:42 GMT

GET
H2 200 logoGA-2x.png
www.garuda-indonesia.com/content/dam/garuda/logo/ 7 KB
7 KB 31ms
31ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/logo/logoGA-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff8f6e2aae88247f15e51c5057b9408b807b545aa7763e623625ba1fca33cbad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
cf-cache-status: HIT
age: 334488
cf-polished: origFmt=png, origSize=14648
content-disposition: inline; filename="logoGA-2x.webp"
content-length: 7426
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 08:18:54 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330a9fe11bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:42 GMT

GET
H2 200 fontawesome-webfont.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/css/fonts/ 75 KB
76 KB 32ms
31ms Font
application/octet-stream 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/css/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 30 Sep 2022 05:39:57 GMT
server: cloudflare
age: 257625
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 754330aa0e21bbb3-FRA
content-length: 77160
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b452e46ee174574b2038927aa871d1b5ad51bd94adb3dcc76073cd97841135c

Request headers

Referer
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92fdaf28b8a4d93678a8bc86cc0fd8f2922bd959810f7f2606be1c56bbe45c2e

Request headers

Referer
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c7642d20295b984fa043d105552963fa5da85f5544bd14f15b7a448e89c2227

Request headers

Referer
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 404 Poppins-SemiBold.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 31ms
30ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.woff2

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 264237
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330aa0e30bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 404 Poppins-Bold.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 32ms
32ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.woff2

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 312589
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330aa1e44bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 404 Poppins-Regular.ttf
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 34ms
34ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.ttf

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 478197
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330aa2e65bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 404 Poppins-SemiBold.woff
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 36ms
36ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.woff

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 242077
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330aa4e93bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 404 Poppins-Bold.woff
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 31ms
30ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.woff

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 326285
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330aa5ea9bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c53a12b1d2f5c6a9dc923a7303107f86

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a37012cdf1ddece12a47e7063c3a2fa3bf2e490a24f4ac4a295cbc5a6c2c0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.garuda-indonesia.com/
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:13:42 GMT
content-md5: f2sB+XJPPZe15wTr+WEB6Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88394
x-fb-rlafr: 0
x-fb-debug: snMACFg13JTphGz7dby4Xzso5zI1v/5VravF5UME+gub5H8kvVDwiaCGMmjq4DoeZqji2xsTMsJbtDRubfqWGg==
x-fb-trip-id: 917726464
x-fb-content-md5: f4fd0c6ea1f6d890f237f72ece5867b1
cross-origin-opener-policy: same-origin-allow-popups
etag: "6f3bd8a1be9479543c8dc9f3a77ff403"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Oct 2023 04:49:37 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 140 KB
47 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8d1464b4efce8a7ce0f9ad896372d9e03443c95cc19769fd7116e6b7af7cdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 10:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48050
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 10:12:46 GMT

GET
H2 404 Poppins-SemiBold.ttf
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 30ms
29ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.ttf

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 312588
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330aa8f02bbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 404 Poppins-Bold.ttf
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 38ms
38ms Font
text/html 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.ttf

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 308842
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 754330aa9f1cbbb3-FRA
expires: Mon, 03 Oct 2022 09:13:42 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 93ms
36ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-681405943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:13:42 GMT

GET
H2 200 landing-page-travel-voucher-en.jpg
www.garuda-indonesia.com/content/dam/garuda/offers/ 441 KB
441 KB 1328ms
1328ms Image
image/jpeg 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/offers/landing-page-travel-voucher-en.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ddfaa559c5bdae53a3e6a95c8d7a8a931973699907607688b084c1cb715854

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Oct 2022 05:13:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 754330aabf4abbb3-FRA
content-length: 451437
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 thumbnail-travel-voucher-500ribu.jpg
www.garuda-indonesia.com/content/dam/garuda/offers/ 391 KB
392 KB 911ms
910ms Image
image/jpeg 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/offers/thumbnail-travel-voucher-500ribu.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1d0c8b38383a03262c2fb87cc930ce224bb50f9979870cb97091764416d077

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Oct 2022 05:13:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 754330aabf4dbbb3-FRA
content-length: 400860
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 thumbnail-travel-voucher-1juta.jpg
www.garuda-indonesia.com/content/dam/garuda/offers/ 396 KB
397 KB 907ms
906ms Image
image/jpeg 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/offers/thumbnail-travel-voucher-1juta.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

298072c116af171b0f09af4c992a5e762e04b7894b542079c4bc8ea05279acc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Oct 2022 05:13:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 754330aabf4fbbb3-FRA
content-length: 405634
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 thumbnail-travel-voucher-2juta.jpg
www.garuda-indonesia.com/content/dam/garuda/offers/ 389 KB
389 KB 954ms
954ms Image
image/jpeg 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/offers/thumbnail-travel-voucher-2juta.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec56136b79e74afa2cfe34a774b70ba961bfd68e667f0a9289bfa3114abe20d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Oct 2022 05:13:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 754330aabf50bbb3-FRA
content-length: 398299
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 thumbnail-travel-voucher-5juta.jpg
www.garuda-indonesia.com/content/dam/garuda/offers/ 328 KB
329 KB 1049ms
1049ms Image
image/jpeg 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/offers/thumbnail-travel-voucher-5juta.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ac9c7d322af017cd393020b211eb170d42828625b442205f8a71549bdc40f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Oct 2022 05:13:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 754330aabf53bbb3-FRA
content-length: 336006
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 95ms
53ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=2077467505731265&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c53a12b1d2f5c6a9dc923a7303107f86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Mon, 03 Oct 2022 05:13:42 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: nIJg2ZT6TNhIlnnBRJEVVcGv7QQSYW8lfLHWGJjwE+VL4k3QCSpIOoBAoKBX5tRmm9+GP7Iwqh3/t6iZKLN9cw==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.garuda-indonesia.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 62ms
20ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2077467505731265&ev=fb_page_view&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&rl=&if=false&ts=1664774022852&sw=1600&sh=1200&at=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:13:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 62ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:13:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 62ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:13:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 7AF3 280 B
1 KB 115ms
69ms Document
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ce1291a6c782a5263e68144f1d3c134393f58d9ab06bf8869d2347977d5896d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-EwX5apuuWIzNBAXlTmWpRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-EwX5apuuWIzNBAXlTmWpRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/681405943/ 3 KB
2 KB 85ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/681405943/?random=1664774022919&cv=9&fst=1664774022919&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&auid=2209582.1664774023&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27b9713d94a7e074d50e4a75dddf4c5577999644df2d3912d2d774e3ce908583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1208
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/681405943/ 42 B
548 B 81ms
34ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/681405943/?random=1664774022919&cv=9&fst=1664773200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&async=1&fmt=3&is_vtc=1&random=2837762146&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/681405943/ 42 B
548 B 148ms
60ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/681405943/?random=1664774022919&cv=9&fst=1664773200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&async=1&fmt=3&is_vtc=1&random=2837762146&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 7AF3 2 KB
847 B 76ms
35ms Other
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77e7a8743d17c250ac39be238d7472f22a436006e596335d5fe90f8289471ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.eJOmNFtKVN8.es5.O/d=1/rs=AOaEmlEFcwHlVJ4B0u3e71WJCcV_vzbOGA/ Frame 7AF3 99 KB
34 KB 103ms
34ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.eJOmNFtKVN8.es5.O/d=1/rs=AOaEmlEFcwHlVJ4B0u3e71WJCcV_vzbOGA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8fdffcdc31327f9b595502bde2183bc278d0dd3f40e1535b1d4a6418e54f068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 03:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34875
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 05:40:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 03:59:40 GMT

GET
H2 200 / Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/ Frame 8AF4 4 KB
2 KB 230ms
172ms Document
text/html 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

551cacdeb3af7f286ff2f063fe607f616df064ef0c24177fc277d5bf5044c15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 754330acbd9f906a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 05:13:43 GMT
last-modified: Tue, 08 Feb 2022 14:03:26 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-envoy-upstream-service-time: 50
x-xss-protection: 1; mode=block

GET
H2 200 Garuda Show response
upgrade.plusgrade.com/offer/ Frame 627E 4 KB
5 KB 354ms
119ms Document
text/html 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68ed33f482be91ade98b780487b7aeb9056326b28ab3411a47b272ab48f48320

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-language: en
content-type: text/html;charset=utf-8
date: Mon, 03 Oct 2022 05:13:43 GMT
server: Apache-Coyote/1.1
via: kong/0.12.3
x-kong-proxy-latency: 0
x-kong-upstream-latency: 13
x-robots-tag: noindex

GET
H2 200 / Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/ Frame 4C28 3 KB
1 KB 191ms
139ms Document
text/html 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610b1df0ebc0df823c1bd44a3a2451cdcdb2003284970bf142a6b5d85ae878a4

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 754330acbda3906a-FRA
content-encoding: br
content-type: text/html
date: Mon, 03 Oct 2022 05:13:43 GMT
server: cloudflare
server-timing: bon, total;dur=0.154842
vary: Accept-Encoding

GET
H2 200 Garuda Show response
upgrade.plusgrade.com/offer/ Frame 8B9A 4 KB
5 KB 431ms
203ms Document
text/html 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68ed33f482be91ade98b780487b7aeb9056326b28ab3411a47b272ab48f48320

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-language: en
content-type: text/html;charset=utf-8
date: Mon, 03 Oct 2022 05:13:43 GMT
server: Apache-Coyote/1.1
via: kong/0.12.3
x-kong-proxy-latency: 0
x-kong-upstream-latency: 13
x-robots-tag: noindex

GET
H2 200 logoSkyteam-2x.jpg
www.garuda-indonesia.com/content/dam/garuda/logo/ 6 KB
6 KB 34ms
32ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/logo/logoSkyteam-2x.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ce47be2fd189fa573e0be0a36f686aca67101b9fd56f0b557772525fabfbf2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: HIT
age: 133927
cf-polished: qual=85, origFmt=jpeg, origSize=31236
content-disposition: inline; filename="logoSkyteam-2x.webp"
content-length: 5942
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 16:01:36 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330ac6a78bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 icn-store-apple-2x.png
www.garuda-indonesia.com/content/dam/garuda/ 3 KB
3 KB 32ms
30ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/icn-store-apple-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adb46fbd75c2606f0e52cb0be59d16488c5aa07c215feb71d3e8d967fe9324b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: HIT
age: 324417
cf-polished: origFmt=png, origSize=8976
content-disposition: inline; filename="icn-store-apple-2x.webp"
content-length: 3058
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 11:06:46 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330ac6a7cbbb3-FRA
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 icn-store-google-2x.png
www.garuda-indonesia.com/content/dam/garuda/ 4 KB
4 KB 33ms
31ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/icn-store-google-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be66cc9a6d7ecf4c3d784eab53c84d41a9c643986ae142df797562964b7ac13c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: HIT
age: 128
cf-polished: origFmt=png, origSize=10109
content-disposition: inline; filename="icn-store-google-2x.webp"
content-length: 3996
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 05:11:35 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330ac6a7ebbb3-FRA
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 logo_white.png
www.garuda-indonesia.com/content/dam/garuda/new-revamp/ 4 KB
5 KB 34ms
32ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/new-revamp/logo_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9289d80c8a0f25016c5512c537f8b11f71a2fab4024bfd0a036d4ea9bec629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: HIT
age: 239725
cf-polished: origFmt=png, origSize=6574
content-disposition: inline; filename="logo_white.webp"
content-length: 4534
cf-bgj: imgq:85,h2pri
last-modified: Fri, 30 Sep 2022 10:38:18 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330ac6a80bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 wbcc-2018-large-text.png
www.garuda-indonesia.com/content/dam/garuda/ 16 KB
16 KB 33ms
32ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/wbcc-2018-large-text.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de54222aeed9f0503d5d0f11f548bf3bf9f0ae20a2ab9e8b477f0e61508d89dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: HIT
age: 246540
cf-polished: origFmt=png, origSize=25385
content-disposition: inline; filename="wbcc-2018-large-text.webp"
content-length: 15920
cf-bgj: imgq:85,h2pri
last-modified: Fri, 30 Sep 2022 08:44:43 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330ac6a82bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H2 200 5starcovidwhite.png
www.garuda-indonesia.com/content/dam/garuda/ 16 KB
16 KB 44ms
43ms Image
image/webp 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/5starcovidwhite.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

608aadc2860f69c9733d2dadb9c805115f1cdd062cbb9de9187fc74056e2f7c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
cf-cache-status: HIT
age: 236619
cf-polished: origFmt=png, origSize=27629
content-disposition: inline; filename="5starcovidwhite.webp"
content-length: 16306
cf-bgj: imgq:85,h2pri
last-modified: Fri, 30 Sep 2022 11:30:04 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 754330ac6a86bbb3-FRA
expires: Thu, 03 Nov 2022 05:13:43 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
87 KB 147ms
79ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a462cb1a7e647d7cfdc4ead4541db9834b49f774afde67ca7931d6c76f8550a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89468
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 05:13:43 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 124ms
79ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.garuda-indonesia.com/
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 754330acab7e918e-FRA

GET
H2 200 glyphicons-halflings-regular.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/css/fonts/ 18 KB
18 KB 34ms
33ms Font
application/octet-stream 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/css/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:23:54 GMT
server: cloudflare
age: 312589
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 754330ac7ab1bbb3-FRA
content-length: 18028
expires: Mon, 03 Oct 2022 09:13:43 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 7AF3 49 B
96 B 32ms
32ms XHR
application/json 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.garuda-indonesia.com&client_id=1045604805004-es0gvhgl4vq0vj7iqha4lh9149pp7tca.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.eJOmNFtKVN8.es5.O/d=1/rs=AOaEmlEFcwHlVJ4B0u3e71WJCcV_vzbOGA/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eYL8YW3iQMjDItnRAXRAng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-eYL8YW3iQMjDItnRAXRAng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 03 Oct 2022 05:13:43 GMT

POST
H2 200 GarudaBookingServlet Show response
www.garuda-indonesia.com/garudaapinew/ 58 B
110 B 896ms
895ms XHR
text/xml 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/garudaapinew/GarudaBookingServlet

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d966f39e621b4ebbea44474d3f04dd95c5316e2772b30c33cdefe2849b9834

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://www.garuda-indonesia.com
cf-ray: 754330ad6c4abbb3-FRA

POST
H2 200 GetSiteMap Show response
www.garuda-indonesia.com/garudaapinew/ 214 B
383 B 728ms
728ms XHR
text/xml 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/garudaapinew/GetSiteMap

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2dc1e37905a74e9cfbd08742681e1475f24ead019db864d2255fc1f6af8f144

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://www.garuda-indonesia.com
cf-ray: 754330ad7c72bbb3-FRA

GET
H2 200 Amala Show response
www.garuda-indonesia.com/garudaapinew/ 72 B
160 B 796ms
790ms XHR
application/json 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/garudaapinew/Amala?f=cekstatus

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64637d4aa992515b6d20291d5df4a9be804a35fd67937901b899a294bfeb7a95

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754330adcd06bbb3-FRA
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK Script.js Show response
widget.api.traveldoc.aero/JS/ 30 KB
9 KB 231ms
41ms Script
text/javascript 191.237.222.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.api.traveldoc.aero/JS/Script.js?Color=Default&Orientation=Standard&ClientContainer=submenu-traveldoc-floating&Language=en&_=1664774022607
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 191.237.222.171 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 430c4d457d3ceb4b453ecd5f98a6b7a8d2e8b6551c10fe24519d76834d2d699d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 05:13:42 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Mon, 03 Oct 2022 05:13:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=10
Content-Length: 9149
Expires: Mon, 03 Oct 2022 05:13:53 GMT

GET
H3 200 login_button.php Show response
www.facebook.com/v6.0/plugins/ Frame 1CE9 31 KB
12 KB 101ms
77ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9ea488a5afb6c%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c53a12b1d2f5c6a9dc923a7303107f86

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8d505443ea9f4bdab6a6a789c5dc4bb4c6af2050090f110e9141098e023055f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 03 Oct 2022 05:13:43 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 1sLQY6sOjtIntqMkBxF1Ya6IenuWxnR5YDQcQGkRayhHPm3xQLjjzj/xzgn8+jixepJN0i3jlAXm1uUnwrNkUw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 login_button.php Show response
www.facebook.com/v6.0/plugins/ Frame F717 31 KB
12 KB 161ms
147ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2cc3f61fd17324%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c53a12b1d2f5c6a9dc923a7303107f86

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2d463a4a998b42d90d561456acdcd90dbd4a3219382d98a6c7a775a26ff8ba9

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 03 Oct 2022 05:13:43 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: CJPdqFa+ovVQf4zBEJvFq8esjQCYrUEaNuubfDHLbzjGG+EQfCizFE2u4DDy3X0ZtiFLK28e8ivy9u8Vf8/sSA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 anchor Show response
recaptcha.net/recaptcha/api2/ Frame 37E0 43 KB
22 KB 92ms
43ms Document
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=qoyc55e90d6x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aabddcf836bf9abc6ca392f036a5d3ef3d51d07a8b3cd772af15d15cdecb304a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9S3ybweqw7PQ-P0pgVxD0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22867
content-security-policy: script-src 'report-sample' 'nonce-9S3ybweqw7PQ-P0pgVxD0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
recaptcha.net/recaptcha/api2/ Frame B9D0 43 KB
22 KB 108ms
61ms Document
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d94effcdff37af72df93111227eae455859a0bc8adab80204b0617a28d27405

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8N-S9qPfdUuYG33YPtwrbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22995
content-security-policy: script-src 'report-sample' 'nonce-8N-S9qPfdUuYG33YPtwrbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
recaptcha.net/recaptcha/api2/ Frame AC0A 43 KB
22 KB 86ms
42ms Document
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

901d88fa4ca22353f5f5e573e7925dd50fd983337fdd50a73a566cb3222334ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F_cZRXBwEXWpsKr1Lg21Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22904
content-security-policy: script-src 'report-sample' 'nonce-F_cZRXBwEXWpsKr1Lg21Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 beakerV2 Show response
secure.rentalcars.com/js/ Frame 4C28 157 KB
49 KB 102ms
79ms Script
text/javascript 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.rentalcars.com/js/beakerV2
Requested by: Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89ca5ede9037036a6eb0a569b49bbff1f1f477803416f27fbccc2199a77163dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=60
server-timing: bon, total;dur=0.203135
cf-ray: 754330ae5fc6906a-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 8AF4 5 KB
1 KB 106ms
32ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 05:02:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 05:13:43 GMT

GET
H2 200 base.css
secure.rentalcars.com/partners/integrations/stand-alone-app/css/ Frame 8AF4 16 KB
5 KB 87ms
70ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/css/base.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04e8bbfa057e098486ff3b17b0e46f85a5e27c89790dfefb48b57cf8f063ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1398
cf-polished: origSize=16706
x-envoy-upstream-service-time: 49
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 09:10:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4142-5d94cc5649b00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 754330ae5fc2906a-FRA
expires: Mon, 03 Oct 2022 09:13:43 GMT

GET
H2 200 app.min.js Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/js/ Frame 8AF4 213 KB
76 KB 65ms
49ms Script
application/javascript 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead9b6523f6f250f5ac9e6daad3ab4468406ebf45a8856cca4508ea1557232d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1398
x-envoy-upstream-service-time: 66
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:03:28 GMT
server: cloudflare
etag: W/"35365-5d7822e6a6c00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 754330ae5fc5906a-FRA
expires: Mon, 03 Oct 2022 09:13:43 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 99ms
41ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:13:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 79ms
18ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 03:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 7066
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 05:15:57 GMT

GET
H3

200

activityi;dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecia... Show response
8543057.fls.doubleclick.net/ Frame 04AD
Redirect Chain

https://8543057.fls.doubleclick.net/activityi;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspec...
https://8543057.fls.doubleclick.net/activityi;dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.gar...

652 B
495 B

115ms
53ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8543057.fls.doubleclick.net/activityi;dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

f6f20560981a2b709ad0b6f99186003f196973f3cc74299ad5c98438e5fced92

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 470
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:43 GMT
expires: Mon, 03 Oct 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8543057.fls.doubleclick.net/activityi;dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 90ms
26ms Script
text/javascript 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 03:30:56 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6167
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Mon, 03 Oct 2022 05:30:56 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
16 KB 69ms
33ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:13:43 GMT

GET
H2 200 uni.js Show response
d1adj61x0fgvmc.cloudfront.net/35BF4504/ 0
352 B 63ms
19ms Script
application/x-javascript 2600:9000:214f:800:b:2370:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1adj61x0fgvmc.cloudfront.net/35BF4504/uni.js
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:800:b:2370:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 02 Oct 2022 20:23:43 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
last-modified: Thu, 18 Sep 2014 10:36:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 31801
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: aDwVsNvL-87PZ1RwANVzvqmA1RNK7oDL2I6Fn_MU9JchoAZbSBRN2Q==

GET
H2 200 ins.js Show response
garuda.api.useinsider.com/ 439 KB
113 KB 92ms
48ms Script
application/javascript 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garuda.api.useinsider.com/ins.js?id=10001306

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3909a4a17a47921ad787a844e05f0c3fb39d23906426fb39a3ce2495ea9e9f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: nmAQ1MlXBspeFtyrlKqn2PKV4Wx6suwZ
cf-cache-status: HIT
x-amz-request-id: F79WCQ9SBY4YY640
age: 323
content-encoding: br
x-amz-id-2: FIJkBeLCbZlYNJLSr1EoJRsClntSWTmECR54Tw4l8EiObcUzQ0azikUyZjPcpKQeZpg+Fv6PGYk=
x-xss-protection: 1
pragma: public
last-modified: Mon, 03 Oct 2022 04:26:55 GMT
server: cloudflare
etag: W/"e2e59448766bd06f5b142d3f1b31a197"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 754330af0dcc5c7a-FRA
expires: Mon, 03 Oct 2022 05:18:43 GMT

GET
H2 200 / Show response
track.omguk.com/e/qs/ 0
560 B 160ms
56ms Script
text/javascript 52.19.234.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://track.omguk.com/e/qs/?action=Content&MID=1447134&PID=33526&ref=https%3A//www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.234.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-234-130.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
26 KB 51ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Oct 2022 05:13:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4QgahZkgjlPWcT2SZNznuQFeUgNOdupyMTijkNLT8ee3kRKVyFZlyHNkZJx75hRrcUPkL1XTiowME77um+IwHw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 activity
id-gmtdmp.mookie1.com/t/v2/ 43 B
641 B 340ms
282ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_774351&src.device=desktop&src.location=id&src.rand=736871664774023469
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 U7MAWJlE6hZ.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 1CE9 522 B
767 B 22ms
21ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/U7MAWJlE6hZ.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9ea488a5afb6c%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
x-content-type-options: nosniff
content-md5: 3AqCXDpjCzTAeVl9384gMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 522
x-fb-rlafr: 0
x-fb-debug: lM9fQYD8BF0RUJkcytawOrJFvFrK2R4A7gSGHPh/KXprS1Taq77ZWCuFZZscnx/0mZUao5eqhXuJZupvVNbahw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Sep 2023 00:21:42 GMT

GET
H2 200 combined.css.h-393099160.pack
upgrade-cdn-prd.plusgrade.com/offer/ Frame 627E 98 KB
17 KB 829ms
753ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.css.h-393099160.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: de00a543120ad30304350de0735bd3642e8c5bf7a74b1b25d473a67ecaa3b84a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
etag: pack-393099160
x-powered-by: pack:tag
x-kong-proxy-latency: 0
content-type: text/css;charset=utf-8
x-kong-upstream-latency: 1
cache-control: private
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: 03nFYEfUne1QdXIQoUUoUu6aso4Ajjj7em3KA-beDofET6j6PhbAuQ==
expires: Thu, 30 Sep 2032 05:13:44 GMT

GET
H2 200 combined.js.h-1914596992.pack Show response
upgrade-cdn-prd.plusgrade.com/offer/ Frame 627E 89 KB
32 KB 1026ms
950ms Script
text/javascript 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.js.h-1914596992.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: a3e3a0d80de5ff750a60a4416ba89dce7156c9d4a765b4b358567e2ca87dbb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
etag: pack-1914596992
x-powered-by: pack:tag
x-kong-proxy-latency: 0
content-type: text/javascript;charset=utf-8
x-kong-upstream-latency: 2
cache-control: private
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: nCO-FulUziBihpapvPcwG-jJ6aUjQm3cSIeJB4YJLTpYiKD82hCOhg==
expires: Thu, 30 Sep 2032 05:13:44 GMT

GET
H2 200 combined.css.h-257728711.pack
upgrade-cdn-prd.plusgrade.com/offer/ Frame 627E 23 KB
5 KB 841ms
766ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.css.h-257728711.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: 45602df5bf0b09f9877b018a3c5929bd96d7b1ab21a74e312df9cb9e809cc683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-powered-by: pack:tag
x-kong-proxy-latency: 0
x-cache: Miss from cloudfront
x-kong-upstream-latency: 3
content-length: 4353
server: Apache-Coyote/1.1
etag: pack-257728711
content-type: text/css;charset=utf-8
cache-control: private
x-robots-tag: noindex
x-amz-cf-id: jOaBOCWWpXO8ZBJ94Q5l8PLzcd4ECbu2E4XX7OiGKBmitIlp-nPf6Q==
expires: Thu, 30 Sep 2032 05:13:44 GMT

GET
H2 200 lookup.js Show response
upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/ Frame 627E 336 KB
337 KB 952ms
877ms Script
text/javascript 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: c1da456e04605416658f83e9c0a57516823f086afc69fed73b2f61a2ef0c8009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
via: kong/0.12.3, 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
x-kong-proxy-latency: 0
x-cache: Miss from cloudfront
content-language: en
content-type: text/javascript;charset=UTF-8
x-kong-upstream-latency: 20
cache-control: no-cache, no-store
x-robots-tag: noindex
x-amz-cf-id: NjzIGjyDYUqNbBQMpJTfqtD9HFjW9iHlM0vwZ7J9e_4zSH4ZU8CAOA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame AC0A 52 KB
24 KB 41ms
33ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=75ia5mka7pn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame AC0A 392 KB
156 KB 74ms
66ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 37E0 52 KB
24 KB 44ms
39ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 37E0 392 KB
156 KB 92ms
87ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H3 200 IxmmwNrzymy.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/ Frame 1CE9 540 KB
142 KB 37ms
34ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/IxmmwNrzymy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f581c10eadbb1b0b2a2ced0bc3489a98867230027e97a066b88e43f6cedd6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A3PBT2OYWTUSelPdbaL+wg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 145684
x-fb-rlafr: 0
x-fb-debug: QAIsirisx/+VO+UAJoQF9mCm14RwsIv9csJMudQOo/Md1yIMWbftez8q6PBWKmutof9v2l/MzaGyh8NzsLUdbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 30 Sep 2023 20:03:22 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame B9D0 52 KB
24 KB 44ms
43ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame B9D0 392 KB
156 KB 82ms
81ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H3 200 U7MAWJlE6hZ.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame F717 522 B
573 B 29ms
28ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/U7MAWJlE6hZ.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2cc3f61fd17324%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
x-content-type-options: nosniff
content-md5: 3AqCXDpjCzTAeVl9384gMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 522
x-fb-rlafr: 0
x-fb-debug: lM9fQYD8BF0RUJkcytawOrJFvFrK2R4A7gSGHPh/KXprS1Taq77ZWCuFZZscnx/0mZUao5eqhXuJZupvVNbahw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Sep 2023 00:21:42 GMT

GET
H2 200 combined.css.h-393099160.pack
upgrade-cdn-prd.plusgrade.com/offer/ Frame 8B9A 98 KB
17 KB 1227ms
1219ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.css.h-393099160.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: de00a543120ad30304350de0735bd3642e8c5bf7a74b1b25d473a67ecaa3b84a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
etag: pack-393099160
x-powered-by: pack:tag
x-kong-proxy-latency: 0
content-type: text/css;charset=utf-8
x-kong-upstream-latency: 3
cache-control: private
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: YnTSx3uHp88d4RydZvgX3o1Uq1R4Io4b0I6NZ_EYcGnRM_G-sR-FwQ==
expires: Thu, 30 Sep 2032 05:13:44 GMT

GET
H2 200 combined.js.h-1914596992.pack Show response
upgrade-cdn-prd.plusgrade.com/offer/ Frame 8B9A 89 KB
32 KB 495ms
486ms Script
text/javascript 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.js.h-1914596992.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: a3e3a0d80de5ff750a60a4416ba89dce7156c9d4a765b4b358567e2ca87dbb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
etag: pack-1914596992
x-powered-by: pack:tag
x-kong-proxy-latency: 0
content-type: text/javascript;charset=utf-8
x-kong-upstream-latency: 2
cache-control: private
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: _xCk_u4SLFSmdJ_hZ3-Tndh64usSOy0tww1eyhOpJGbKapjpVG1XKw==
expires: Thu, 30 Sep 2032 05:13:43 GMT

GET
H2 200 combined.css.h-257728711.pack
upgrade-cdn-prd.plusgrade.com/offer/ Frame 8B9A 23 KB
5 KB 578ms
570ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.css.h-257728711.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: 45602df5bf0b09f9877b018a3c5929bd96d7b1ab21a74e312df9cb9e809cc683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-powered-by: pack:tag
x-kong-proxy-latency: 0
x-cache: Miss from cloudfront
x-kong-upstream-latency: 1
content-length: 4353
server: Apache-Coyote/1.1
etag: pack-257728711
content-type: text/css;charset=utf-8
cache-control: private
x-robots-tag: noindex
x-amz-cf-id: 1C_p_tK1G4aCrQOeRsP43PIHfCs8MjWOBV_TswvpWUfI0lWKC11DgQ==
expires: Thu, 30 Sep 2032 05:13:44 GMT

GET
H2 200 lookup.js Show response
upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/ Frame 8B9A 336 KB
337 KB 1466ms
1458ms Script
text/javascript 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: c1da456e04605416658f83e9c0a57516823f086afc69fed73b2f61a2ef0c8009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
via: kong/0.12.3, 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
x-kong-proxy-latency: 0
x-cache: Miss from cloudfront
content-language: en
content-type: text/javascript;charset=UTF-8
x-kong-upstream-latency: 23
cache-control: no-cache, no-store
x-robots-tag: noindex
x-amz-cf-id: fpg3tFYMM4Fo_DPukJpuI0OHdQ2WTISK4bMtudjJFtSsDuhp6gQlyA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 IxmmwNrzymy.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/ Frame F717 540 KB
142 KB 28ms
28ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/IxmmwNrzymy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2cc3f61fd17324%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f581c10eadbb1b0b2a2ced0bc3489a98867230027e97a066b88e43f6cedd6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A3PBT2OYWTUSelPdbaL+wg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 145684
x-fb-rlafr: 0
x-fb-debug: QAIsirisx/+VO+UAJoQF9mCm14RwsIv9csJMudQOo/Md1yIMWbftez8q6PBWKmutof9v2l/MzaGyh8NzsLUdbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 30 Sep 2023 20:03:22 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8AF4 486 KB
116 KB 71ms
70ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

696c11d7c1bffb1fae525fd206fb90cabfc6c6649126ccc87549134c7be44b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119123
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 05:13:43 GMT

GET
H2 200 styles.css
secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/ Frame 8AF4 4 KB
1 KB 70ms
45ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/styles.css

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce14963bf8765e1efa838b9d10d008805158f3e7f34166a558481a994e47214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 269
cf-polished: origSize=4723
x-envoy-upstream-service-time: 314
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:07:14 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1273-5d7823be2e880-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 754330afd9b8906a-FRA
expires: Mon, 03 Oct 2022 09:13:43 GMT

GET
H2 200 styles.css
secure.rentalcars.com/partners/integrations/stand-alone-app/import/garuda/ Frame 8AF4 864 B
442 B 70ms
47ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/import/garuda/styles.css

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7899c7ff0e69c47a80cf0c3a70a4ec4a7f5d75428580fbb0623b55c6fc00e71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 269
cf-polished: origSize=1081
x-envoy-upstream-service-time: 49
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:05:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"439-5d782346f8f40-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 754330afd9b9906a-FRA
expires: Mon, 03 Oct 2022 09:13:43 GMT

GET
H2 200 en.json Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/default/ Frame 8AF4 13 KB
3 KB 152ms
131ms XHR
application/json 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/default/en.json

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d371dc0a22812195bb4393d47224eff8ca2dccf8d09d337e0b8a0bd9e564c63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Feb 2022 14:06:03 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
etag: W/"3379-5d78237a788c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/json
x-envoy-upstream-service-time: 31
cf-ray: 754330afd9ba906a-FRA
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/garuda/ Frame 8AF4 932 B
1014 B 116ms
102ms XHR
application/json 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/garuda/en.json

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61eef52da89b0a6c719eab460687d6905922766792ea2c21f1cb8c06f59c2b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Feb 2022 14:06:32 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
etag: W/"3a4-5d78239620a00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/json
x-envoy-upstream-service-time: 25
cf-ray: 754330afd9bb906a-FRA
x-xss-protection: 1; mode=block

GET
H2 200 garuda.html Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/partials/layout/ Frame 8AF4 3 KB
1 KB 102ms
92ms XHR
text/html 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/partials/layout/garuda.html
Requested by: Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610b1df0ebc0df823c1bd44a3a2451cdcdb2003284970bf142a6b5d85ae878a4

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
server-timing: bon, total;dur=0.208693
cf-ray: 754330afd9bc906a-FRA

GET
H3 200 248325143618417 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/248325143618417?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb9161d6327f859c0a77c4abe352b5a887e1ddb976f9c66825594b213d8e7e13

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Oct 2022 05:13:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85888
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Fx3yHSJIAtxB3gRI5oMZ8/z4k4rSsLgpNS29qHi3/HcU1/KcC5cfZ+Uhr4bpGDJRxdQ30uJssujgomB6Sbv/1w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945725739/ 3 KB
1 KB 90ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945725739/?random=1664774023659&cv=9&fst=1664774023659&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3896fd85c1e8dc096381803f3be695adb684f9f5638d240344056ad8e52ce9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1177
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 79ms
31ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1418630142&t=pageview&_s=1&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ul=en-us&de=UTF-8&dt=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=798656783&gjid=832512405&cid=1430314282.1664774024&tid=UA-41803108-14&_gid=2130253728.1664774024&_r=1&gtm=2wg9s05HZKLL&cg1=OFFERS&cg2=ID-EN&cd9=GA%2FID%2FEN%2FOFFERS&z=1344217708

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.garuda-indonesia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.garuda-indonesia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/943648473/ 3 KB
1 KB 72ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/943648473/?random=1664774023706&cv=9&fst=1664774023706&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&auid=2209582.1664774023&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d4b1172c84f1a8ab503c0f0c30a22adb4e55b5e687ee01cc137c60567b0ec1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1190
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/399566689/ 2 KB
2 KB 57ms
45ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/399566689/?random=1664774023707&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&auid=2209582.1664774023&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

2344ac475d3986fe4306b3d815599dcd451d043ee62bd88ce9fd765de38eda6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1580
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK TravelDocWidget.min.css
widget.api.traveldoc.aero/Content/ 14 KB
2 KB 39ms
39ms Stylesheet
text/css 191.237.222.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.api.traveldoc.aero/Content/TravelDocWidget.min.css
Requested by: Host: widget.api.traveldoc.aero
URL: https://widget.api.traveldoc.aero/JS/Script.js?Color=Default&Orientation=Standard&ClientContainer=submenu-traveldoc-floating&Language=en&_=1664774022607
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 191.237.222.171 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8bbc902018814d2eaa65dc57358081877376c1eaf2a3afcc4dc2724f06d08c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 05:13:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2020 13:27:47 GMT
Server: Microsoft-IIS/8.5
ETag: "80cbdfac1a85d61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2137

GET
H/1.1 200
OK GetLocations Show response
widget.api.traveldoc.aero/WidgetService.svc/JSON/ 53 KB
54 KB 228ms
110ms XHR
application/json 191.237.222.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.api.traveldoc.aero/WidgetService.svc/JSON/GetLocations?Language=en
Requested by: Host: widget.api.traveldoc.aero
URL: https://widget.api.traveldoc.aero/JS/Script.js?Color=Default&Orientation=Standard&ClientContainer=submenu-traveldoc-floating&Language=en&_=1664774022607
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 191.237.222.171 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 12d685c442d197aaea68d08837aa903efb9a93f8af81fc78adc663707458fcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 05:13:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 54687

GET
H3

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=587180252&utmhn=www.garuda-indonesia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1430314282.1664774024&jid=1330955634&_v=5.7.2dc&z=587180252
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1430314282.1664774024&jid=1330955634&_v=5.7.2dc&z=587180252&slf_rd=1&random=4230654715

42 B
63 B

134ms
65ms

Image
image/gif

2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1430314282.1664774024&jid=1330955634&_v=5.7.2dc&z=587180252&slf_rd=1&random=4230654715

Requested by

Protocol

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1430314282.1664774024&jid=1330955634&_v=5.7.2dc&z=587180252&slf_rd=1&random=4230654715
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=*;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%...
adservice.google.com/ddm/fls/z/ Frame 04AD 42 B
494 B 181ms
79ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=*;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D

Requested by

Host: 8543057.fls.doubleclick.net
URL: https://8543057.fls.doubleclick.net/activityi;dc_pre=CK20ucKmw_oCFZPqUQodiCcCgQ;src=8543057;type=garuda;cat=garud0;ord=5967129958603;gtm=2wg9s0;auiddc=2209582.1664774023;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8543057.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B9D0 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9D0 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B9D0 2 KB
2 KB 34ms
34ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:16:38 GMT
x-content-type-options: nosniff
age: 331025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 06 Oct 2022 09:16:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B9D0 15 KB
16 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recaptcha.net/
Origin: https://recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 496538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 11:18:05 GMT

GET
H3 200 webworker.js
recaptcha.net/recaptcha/api2/ Frame 37E0 102 B
134 B 31ms
30ms Other
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=qoyc55e90d6x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 05:13:44 GMT

GET
H3 200 webworker.js
recaptcha.net/recaptcha/api2/ Frame B9D0 102 B
134 B 33ms
33ms Other
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=sv5h2fjfaqck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 05:13:44 GMT

GET
H2 200 worker-new.html Show response
garuda.api.useinsider.com/ Frame 3DFC 10 KB
3 KB 46ms
38ms Document
text/html 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garuda.api.useinsider.com/worker-new.html
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d14eef971fe22bc95e984724c991e7a9c15aca71ee67a6f91703cabdbadf68

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 324
cache-control: public, max-age=1382400
cf-cache-status: HIT
cf-ray: 754330b2cbcd5c7a-FRA
content-encoding: br
content-type: text/html
date: Mon, 03 Oct 2022 05:13:44 GMT
expires: Wed, 19 Oct 2022 05:13:44 GMT
last-modified: Thu, 29 Sep 2022 14:46:34 GMT
server: cloudflare
vary: Accept-Encoding

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 28ms
26ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-41803108-14&cid=1430314282.1664774024&jid=798656783&gjid=832512405&_gid=2130253728.1664774024&_u=YGBACEAABAAAAC~&z=15124286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.garuda-indonesia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Oct 2022 05:13:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.garuda-indonesia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 login_button.php Show response
www.facebook.com/v6.0/plugins/ Frame 59A8 31 KB
12 KB 74ms
73ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23dd040e5f84ec%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=45&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c53a12b1d2f5c6a9dc923a7303107f86

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9e859339fe165b24836a01ab338dd5a45759fde490fb654f6dc3c11161be55e

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 03 Oct 2022 05:13:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: eWjls10RXqtce+L52hUE6zRTD8Nb0yy5HXu1X4bO1MDn6Og3zA7Bh8XStSPwqf35llLday3SIPV5ZCC7pE8z1w==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 22ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=248325143618417&ev=PageView&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&rl=&if=false&ts=1664774024158&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664774024157.1183508306&it=1664774023644&coo=false&exp=a1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:13:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 webworker.js
recaptcha.net/recaptcha/api2/ Frame AC0A 102 B
134 B 28ms
28ms Other
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=75ia5mka7pn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 05:13:44 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8AF4 49 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 03:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 7067
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 05:15:57 GMT

GET
H2 200 adrum-4.4.3.717.js Show response
cdn.appdynamics.com/adrum/ Frame 8AF4 63 KB
23 KB 72ms
22ms Script
application/javascript 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.4.3.717.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: f652a403a343af5f7d5f4999168960f55aed86bbdff472ef4da0fa8fbd81ef5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 17:25:06 GMT
content-encoding: gzip
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1079318
x-cache: Hit from cloudfront
last-modified: Mon, 23 Apr 2018 23:58:01 GMT
server: nginx/1.16.1
etag: W/"5ade7309-fbb8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cPpgQ0EF8KLu3rXI8FfjTlWDYGBSaWpuaUqW09A0mfUbbDkb3-fBCQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
36ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-41803108-14&cid=1430314282.1664774024&jid=798656783&_u=YGBACEAABAAAAC~&z=1813308858

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 128ms
57ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-41803108-14&cid=1430314282.1664774024&jid=798656783&_u=YGBACEAABAAAAC~&z=1813308858

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 U7MAWJlE6hZ.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 59A8 522 B
573 B 19ms
19ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/U7MAWJlE6hZ.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23dd040e5f84ec%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=45&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
x-content-type-options: nosniff
content-md5: 3AqCXDpjCzTAeVl9384gMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 522
x-fb-rlafr: 0
x-fb-debug: lM9fQYD8BF0RUJkcytawOrJFvFrK2R4A7gSGHPh/KXprS1Taq77ZWCuFZZscnx/0mZUao5eqhXuJZupvVNbahw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Sep 2023 00:21:42 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/945725739/ 42 B
64 B 72ms
71ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945725739/?random=1664774023659&cv=9&fst=1664773200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&fmt=3&is_vtc=1&random=522467563&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/945725739/ 42 B
64 B 63ms
62ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/945725739/?random=1664774023659&cv=9&fst=1664773200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&fmt=3&is_vtc=1&random=522467563&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/943648473/ 42 B
64 B 68ms
67ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/943648473/?random=1664774023706&cv=9&fst=1664773200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&async=1&fmt=3&is_vtc=1&random=3031265841&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/943648473/ 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/943648473/?random=1664774023706&cv=9&fst=1664773200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&async=1&fmt=3&is_vtc=1&random=3031265841&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/399566689/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/399566689/?random=730211253&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/399566689/?random=730211253&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/399566689/?random=730211253&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

66ms
66ms

Image
image/gif

2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/399566689/?random=730211253&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&auid=2209582.1664774023&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=EktDaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUklqQUhncS1hcWNjSUhaS1lpcEZQaDA2aHEybExsaVY4WmwxZXlMU2pDdTVnZ0FYNVEaVkNoRUk4TzNrbVFZUV81R183dkdkelliQUFSSXJBRG1LQ2phRlFoZkRQYVBlU2RQVnVjdHdSMERrYlNKZW8ySW1GMmFtek1INFNaa0xFOW1lclE5QmR3&is_vtc=1&ocp_id=h286Y9PMLfqG9fgPs7GP4As&cid=CAQSKQCsnQUxMVy7MvqV4M6Ylb_gZ0AMv2RmChkexzNWWwb10TA8o2xU7XJxIBM&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTArto7EHmJ9HfecYO8KA6DiXslvH6qKzkQ&random=2175896330&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDKKbZCZuGE7tzkbUv8XRU7dtbFqGpHAoWe9NULqtiksuyA4klkt8k2-8biiyxYqsIfBdMhgvsZ8gnTDJyUeNQi

Requested by

Protocol

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/399566689/?random=730211253&cv=9&fst=1664774023707&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&auid=2209582.1664774023&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=EktDaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUklqQUhncS1hcWNjSUhaS1lpcEZQaDA2aHEybExsaVY4WmwxZXlMU2pDdTVnZ0FYNVEaVkNoRUk4TzNrbVFZUV81R183dkdkelliQUFSSXJBRG1LQ2phRlFoZkRQYVBlU2RQVnVjdHdSMERrYlNKZW8ySW1GMmFtek1INFNaa0xFOW1lclE5QmR3&is_vtc=1&ocp_id=h286Y9PMLfqG9fgPs7GP4As&cid=CAQSKQCsnQUxMVy7MvqV4M6Ylb_gZ0AMv2RmChkexzNWWwb10TA8o2xU7XJxIBM&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTArto7EHmJ9HfecYO8KA6DiXslvH6qKzkQ&random=2175896330&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDKKbZCZuGE7tzkbUv8XRU7dtbFqGpHAoWe9NULqtiksuyA4klkt8k2-8biiyxYqsIfBdMhgvsZ8gnTDJyUeNQi
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IxmmwNrzymy.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/ Frame 59A8 540 KB
142 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/IxmmwNrzymy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23dd040e5f84ec%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff213a1f9698de8%26relation%3Dparent.parent&container_width=45&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f581c10eadbb1b0b2a2ced0bc3489a98867230027e97a066b88e43f6cedd6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A3PBT2OYWTUSelPdbaL+wg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 145684
x-fb-rlafr: 0
x-fb-debug: QAIsirisx/+VO+UAJoQF9mCm14RwsIv9csJMudQOo/Md1yIMWbftez8q6PBWKmutof9v2l/MzaGyh8NzsLUdbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 30 Sep 2023 20:03:22 GMT

GET
H3 200 bframe Show response
recaptcha.net/recaptcha/api2/ Frame 71B3 7 KB
1 KB 33ms
30ms Document
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b99620a33388574b5efbd1a23b1cd1c815a51be43802126f2c350ddd25955483

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9Ob8HCCIJ4BZZlHlr-e_pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-9Ob8HCCIJ4BZZlHlr-e_pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
recaptcha.net/recaptcha/api2/ Frame AE61 7 KB
1 KB 30ms
30ms Document
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8ca8c1b227c4ed301d58fdba4c8b0a58307f0dd6e47b040148a806d26196164

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Oo8V-FFkpEWVGgb3C4eUEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-Oo8V-FFkpEWVGgb3C4eUEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
recaptcha.net/recaptcha/api2/ Frame 44DD 7 KB
1 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3113e982ca5894327684fe02c925bf65690eaaf164940312bad2c7f391e0f53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bpeEBR_1-H8QsyuujrEc_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-bpeEBR_1-H8QsyuujrEc_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:13:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 71B3 52 KB
24 KB 37ms
36ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 71B3 392 KB
156 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 200 1664774024592855eec3056.7c3b6559 Show response
segment.api.useinsider.com/v4/segments/ 927 B
770 B 111ms
65ms XHR
application/json 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/1664774024592855eec3056.7c3b6559?partnerid=10001306&fields=840717911cdadec97a4de7edb820a350,ba0efa73f658fd0ea7f992a20d120f4b&
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bdee3e2e973d16f00ac23acf70b46bb762ffeef358471e2017baad3fdf84779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 754330b5f8309ba7-FRA

GET
H2 200 / Show response
location.api.useinsider.com/ 248 B
579 B 103ms
61ms XHR
application/json 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10001306&
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442622c86932e9a11110c8915a17c3f0d3ecbaabaffe7361a8cde0700bb949cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: application/json
cache-control: no-cache, private
cf-ray: 754330b619999a15-FRA

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
139 B 76ms
74ms Image
image/gif 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vdHJhdmVsLXZvdWNoZXI%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzAxb2N0JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwicmVmZXJlciI6Imh0dHBzOi8vd3d3LmdhcnVkYS1pbmRvbmVzaWEuY29tL2lkL2VuL3NwZWNpYWwtb2ZmZXJzL3NhbGVzLXByb21vdGlvbi90cmF2ZWwtdm91Y2hlcj9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJ1c2VySWQiOiIxNjY0Nzc0MDI0NTkyODU1ZWVjMzA1Ni43YzNiNjU1OSIsInBsYXRmb3JtIjoid2ViIiwiY3VzdG9tU2VnbWVudElkIjoyLCJsb2dUeXBlIjoiaW1wcmVzc2lvbiJ9&t=cs&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754330b5e8745c7a-FRA
content-length: 42
content-type: image/gif

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame AE61 52 KB
24 KB 35ms
34ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame AE61 392 KB
156 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 44DD 52 KB
24 KB 35ms
34ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 44DD 392 KB
156 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

POST
H2 200 beakerV2 Show response
secure.rentalcars.com/js/ Frame 4C28 690 B
653 B 171ms
171ms Fetch
application/json 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.rentalcars.com/js/beakerV2?d=secure.rentalcars.com
Requested by: Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/js/beakerV2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720c3054025fe041d92554c98ee3059bc9c486f02306f6c484cbfa1aa7e18754

Request headers

Accept: application/json; charset=utf-8
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
server-timing: bon, total;dur=1.378376
cf-ray: 754330b61996906a-FRA

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 60ms
58ms Image
image/gif 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vdHJhdmVsLXZvdWNoZXI%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzAxb2N0JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwicmVmZXJlciI6Imh0dHBzOi8vd3d3LmdhcnVkYS1pbmRvbmVzaWEuY29tL2lkL2VuL3NwZWNpYWwtb2ZmZXJzL3NhbGVzLXByb21vdGlvbi90cmF2ZWwtdm91Y2hlcj9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJ1c2VySWQiOiIxNjY0Nzc0MDI0NTkyODU1ZWVjMzA1Ni43YzNiNjU1OSIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6IklEUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiSURSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6Ik5XOTJlbk00T1hrdE16UmxjQzFpT1daaUxXMDBObTh0TW01dGJqQnVhbU52TVdrMVh6RTJOalEzTnpRd01qVT0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NjQ3NzQwMjUiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjNzAiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754330b638ef5c7a-FRA
content-length: 42
content-type: image/gif

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
22ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1418630142&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ul=en-us&de=UTF-8&dt=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Save%20User%20Informations%20-%20Inmail-impressions-custom&el=(builder%20ID%3A%20488)%20-%20Variation%20Ratio%3A%20100%25&_utma=46826104.1430314282.1664774024.1664774024.1664774024.1&_utmz=46826104.1664774024.1.1.utmcsr%3Demail%7Cutmccn%3DHUT_Mandiri24%7Cutmcmd%3Demail%7Cutmcct%3Den_01oct&_utmht=1664774024659&_u=aGDCCEABBAAAAC~&jid=&gjid=&cid=1430314282.1664774024&tid=UA-41803108-14&_gid=2130253728.1664774024&gtm=2wg9s05HZKLL&z=408934603

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 02:51:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8555
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 59ms
58ms Image
image/gif 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vdHJhdmVsLXZvdWNoZXI%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzAxb2N0JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwicmVmZXJlciI6Imh0dHBzOi8vd3d3LmdhcnVkYS1pbmRvbmVzaWEuY29tL2lkL2VuL3NwZWNpYWwtb2ZmZXJzL3NhbGVzLXByb21vdGlvbi90cmF2ZWwtdm91Y2hlcj9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJ1c2VySWQiOiIxNjY0Nzc0MDI0NTkyODU1ZWVjMzA1Ni43YzNiNjU1OSIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6IklEUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiSURSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6Ik5XOTJlbk00T1hrdE16UmxjQzFpT1daaUxXMDBObTh0TW01dGJqQnVhbU52TVdrMVh6RTJOalEzTnpRd01qVT0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NjQ3NzQwMjUiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjNzYiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754330b649035c7a-FRA
content-length: 42
content-type: image/gif

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1418630142&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ul=en-us&de=UTF-8&dt=GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Pricing%20Psychology-impressions-custom&el=(builder%20ID%3A%20506)%20-%20Variation%20Ratio%3A%20100%25&_utma=46826104.1430314282.1664774024.1664774024.1664774024.1&_utmz=46826104.1664774024.1.1.utmcsr%3Demail%7Cutmccn%3DHUT_Mandiri24%7Cutmcmd%3Demail%7Cutmcct%3Den_01oct&_utmht=1664774024670&_u=aGDCCEABBAAAAC~&jid=&gjid=&cid=1430314282.1664774024&tid=UA-41803108-14&_gid=2130253728.1664774024&gtm=2wg9s05HZKLL&z=1788901528

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 02:51:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8555
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 20ms
20ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=248325143618417&ev=Microdata&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2Ftravel-voucher%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&rl=&if=false&ts=1664774024736&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GARUDA%20INDONESIA%20TRAVEL%20VOUCHER%20-%20Garuda%20Indonesia%22%2C%22meta%3Akeywords%22%3A%22voucher%20garuda%2C%20garuda%20indonesia%20travel%20voucher%2C%20travel%20voucher%20garuda%2C%20gift%20voucher%20garuda%22%2C%22meta%3Adescription%22%3A%22A%20voucher%20issued%20by%20Garuda%20Indonesia%20with%20a%20certain%20amount.%20Now%20your%20transaction%20is%20easier%20and%20simpler%20by%20using%20Garuda%20Indonesia%20Travel%20Voucher.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664774024157.1183508306&it=1664774023644&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:13:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
328 B 76ms
62ms XHR
text/plain 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.garuda-indonesia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 345ca06f-5f7e-4fde-9d67-342d44a65d45
cf-ray: 754330b6d9b69ba7-FRA
content-length: 16

GET
H2 200 adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js Show response
cdn.appdynamics.com/ Frame 8AF4 49 KB
19 KB 23ms
22ms Script
application/javascript 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.4.3.717.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 62001c694bb883aaa50d69cec8f9682c6b0b00c1ad707963de6225f990bc5cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 05:57:18 GMT
content-encoding: gzip
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1120586
x-cache: Hit from cloudfront
last-modified: Mon, 23 Apr 2018 23:56:54 GMT
server: nginx/1.16.1
etag: W/"5ade72c6-c5db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n8Nwru3nwK1Tpo6ozGx1SwsrJyb70meSN_A-VT2Xy34gJjF6fJY1zA==

GET
H2 200 jquery-ui-pg-marketing.custom.css
upgrade-cdn-prd.plusgrade.com/offer/css/ Frame 627E 23 KB
23 KB 19ms
18ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/css/jquery-ui-pg-marketing.custom.css
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8e9ec1d5df91e6faf2cedb2ccb4f804a23e498634741cb7dc83281b9ccd5b67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:51:47 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 06:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1318
etag: "1dd981e79092c955ba8865e377f3087f"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 23530
x-amz-cf-id: YngZfkEBS-nudyABi5jcz8YFtd_gvrDiHkpHf1eF22lZn5WlVq6bUQ==

GET
H2 200 marketing.css
upgrade-cdn-prd.plusgrade.com/offer/css/ Frame 627E 2 KB
2 KB 19ms
19ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/css/marketing.css
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9eb7feb44b258b98248cef01f3d74c49f2e18c30c246e2b35cbe71a2ef371694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:51:47 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 06:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1318
etag: "7fe4dc0351d2090259cad34ad4e2875b"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1660
x-amz-cf-id: OU3BXS4QJF6CeLYPlrIMwBh0AlPs-Drw3hD7XIafgwUUbSml7LgsVg==

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 627E 98 B
1 KB 115ms
115ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16203698092100068828_1664774024762&code=marketing.pnr.lookup.check.eligibility&application=consumer-app&lang=en&_=1664774024797
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 8d9621ceb7bfa71c61c564e5e3e393e50eaf820c89f79e4402a477ee4a3c35cd

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 9
date: Mon, 03 Oct 2022 05:13:44 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 627E 117 B
1 KB 113ms
113ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16203698092100068828_1664774024763&code=marketing.pnr.lookup.validation&application=consumer-app&lang=en&_=1664774024798
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 74aa4cc2cf9c728fe868f8c254a1800fc3afc858c9b6eed412a2e8388a89162c

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 6
date: Mon, 03 Oct 2022 05:13:44 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 627E 67 B
1 KB 115ms
115ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16203698092100068828_1664774024764&code=marketing.pnr.lookup.validation.required&application=consumer-app&lang=en&_=1664774024798
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 487f012f5c4800deaa738dfe29eedffdb6be3879e3ccbbadb1d10c8b39f3bf5b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 9
date: Mon, 03 Oct 2022 05:13:44 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 627E 66 B
1 KB 113ms
113ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16203698092100068828_1664774024765&code=marketing.pnr.lookup.validation.invalid&application=consumer-app&lang=en&_=1664774024798
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 17c56a12bcbd836175e2683aef783d1fdc7f7e96fba1059ca7accd565cd9e713

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 7
date: Mon, 03 Oct 2022 05:13:44 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 627E 117 B
1 KB 114ms
114ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16203698092100068828_1664774024766&code=marketing.pnr.lookup.eligible.error&application=consumer-app&lang=en&_=1664774024799
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: a2d8a775067365fe519847cf44e4b0c9daa4f5422bd8bae01495b86f85f00892

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 7
date: Mon, 03 Oct 2022 05:13:44 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 opt-in-dialog.css
assets.api.useinsider.com/css/ 3 KB
1 KB 37ms
36ms Stylesheet
text/css 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.api.useinsider.com/css/opt-in-dialog.css

Requested by

Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51333
cf-polished: origSize=4371
x-xss-protection: 1
pragma: public
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 14:46:34 GMT
server: cloudflare
etag: W/"6335afca-1113"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 754330b71a185c7a-FRA
expires: Thu, 06 Oct 2022 05:13:44 GMT

GET
H2 200 native-push-sdk.js Show response
eitri.api.useinsider.com/static/ 18 KB
6 KB 39ms
39ms Script
application/javascript 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59864b38f0bf2e4ee8fd08023312fbcf79c915590d177ed935ec06f30970898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
x-amz-version-id: Ys3EoxRy8ZlSFFYDaXVSGodD7zy9J_4L
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 09:05:46 GMT
server: cloudflare
x-amz-request-id: CD9FEBDTHW9G7JAN
age: 364
etag: W/"a54bea94924cc6ef7c818a7132dbc087"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 754330b71a1a5c7a-FRA
x-amz-id-2: mHoufNByIkYEfHRMtK8NYTnngIsIk3cXqe3KHVHjIwl4P+ogAiHu19z2haRyxpBF3LbbKhazJ/o=
expires: Mon, 03 Oct 2022 05:18:44 GMT

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
301 B 59ms
59ms XHR
text/plain 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.garuda-indonesia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: bb8955b6-73f6-435f-8607-3d3860e78996
cf-ray: 754330b74a9a9ba7-FRA
content-length: 16

GET
H2 200 adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html Show response
cdn.appdynamics.com/ Frame E2E5 2 KB
2 KB 20ms
20ms Document
text/html 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 3cc12075cc87131f3818b8a13899d9bb22676277d7b79de7fdda2165fd8b08d0

Request headers

Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
age: 2344101
cache-control: public, max-age=2678400, s-max-age=14400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 02:05:23 GMT
etag: W/"5adf6e6a-7e2"
last-modified: Tue, 24 Apr 2018 17:50:34 GMT
server: nginx/1.16.1
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-id: Ikqnr0r5DAVsGRq0ohucHmsx6fWRRV6bBR2CBAiwyyk2if25xuS0VA==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 58ms
58ms Image
image/gif 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vdHJhdmVsLXZvdWNoZXI%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzAxb2N0JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwicmVmZXJlciI6Imh0dHBzOi8vd3d3LmdhcnVkYS1pbmRvbmVzaWEuY29tL2lkL2VuL3NwZWNpYWwtb2ZmZXJzL3NhbGVzLXByb21vdGlvbi90cmF2ZWwtdm91Y2hlcj9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJ1c2VySWQiOiIxNjY0Nzc0MDI0NTkyODU1ZWVjMzA1Ni43YzNiNjU1OSIsInBsYXRmb3JtIjoid2ViIiwidCI6InN0b3JlTG9nIiwidHlwZSI6IndlYlB1c2giLCJsb2dUeXBlIjoibmF0aXZlLXBlcm1pc3Npb24taW1wcmVzc2lvbiIsImJyb3dzZXIiOiJDaHJvbWUiLCJpc01vYmlsZSI6ZmFsc2UsInVzZXJJRCI6IjE2NjQ3NzQwMjQ1OTI4NTVlZWMzMDU2LjdjM2I2NTU5IiwibGFuZ3VhZ2UiOiJlbl9VUyJ9&t=w&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754330b78b025c7a-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 60ms
59ms Image
image/gif 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vdHJhdmVsLXZvdWNoZXI%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzAxb2N0JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwicmVmZXJlciI6Imh0dHBzOi8vd3d3LmdhcnVkYS1pbmRvbmVzaWEuY29tL2lkL2VuL3NwZWNpYWwtb2ZmZXJzL3NhbGVzLXByb21vdGlvbi90cmF2ZWwtdm91Y2hlcj9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJ1c2VySWQiOiIxNjY0Nzc0MDI0NTkyODU1ZWVjMzA1Ni43YzNiNjU1OSIsInBsYXRmb3JtIjoid2ViIiwidCI6InN0b3JlTG9nIiwidHlwZSI6IndlYlB1c2giLCJsb2dUeXBlIjoicHVzaC1yZXF1ZXN0IiwiYnJvd3NlciI6IkNocm9tZSIsImlzTW9iaWxlIjpmYWxzZSwidXNlcklEIjoiMTY2NDc3NDAyNDU5Mjg1NWVlYzMwNTYuN2MzYjY1NTkiLCJsYW5ndWFnZSI6ImVuX1VTIn0%3D&t=w&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:13:44 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754330b78b055c7a-FRA
content-length: 42
content-type: image/gif

GET
H2 200 jquery-ui-pg-marketing.custom.css
upgrade-cdn-prd.plusgrade.com/offer/css/ Frame 8B9A 23 KB
23 KB 19ms
18ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/css/jquery-ui-pg-marketing.custom.css
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8e9ec1d5df91e6faf2cedb2ccb4f804a23e498634741cb7dc83281b9ccd5b67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:51:47 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 06:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1319
etag: "1dd981e79092c955ba8865e377f3087f"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 23530
x-amz-cf-id: WROLza9OUJMwnSdGJ1TK-N9cAA8QtQ_b_crLMoSDOqt3-YNJ81sEkw==

GET
H2 200 marketing.css
upgrade-cdn-prd.plusgrade.com/offer/css/ Frame 8B9A 2 KB
2 KB 19ms
19ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/css/marketing.css
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9eb7feb44b258b98248cef01f3d74c49f2e18c30c246e2b35cbe71a2ef371694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:51:47 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 06:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1319
etag: "7fe4dc0351d2090259cad34ad4e2875b"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1660
x-amz-cf-id: enICfrccC8KOXaF-NYeLZ5_VMBTL1gDC96H2dYEISyz_3-GuX-y34g==

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 8B9A 98 B
1 KB 119ms
118ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16208405730160280687_1664774025300&code=marketing.pnr.lookup.check.eligibility&application=consumer-app&lang=en&_=1664774025308
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 8fdf19ec9973e7eed6c4922c14960dc6ffcae25c4e771fa5528eab7306a4a189

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 12
date: Mon, 03 Oct 2022 05:13:45 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 8B9A 117 B
1 KB 112ms
112ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16208405730160280687_1664774025301&code=marketing.pnr.lookup.validation&application=consumer-app&lang=en&_=1664774025308
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: c233728022e0fc64edf67b5e2d7721ee007a1d7006284b0978be106586e95343

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 6
date: Mon, 03 Oct 2022 05:13:45 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 8B9A 67 B
1 KB 119ms
119ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16208405730160280687_1664774025302&code=marketing.pnr.lookup.validation.required&application=consumer-app&lang=en&_=1664774025308
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: acec960ff41e65ffc3cf6f305baa541ed496b4543965e929422fc4a05142bce9

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 13
date: Mon, 03 Oct 2022 05:13:45 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 8B9A 66 B
1 KB 114ms
113ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16208405730160280687_1664774025303&code=marketing.pnr.lookup.validation.invalid&application=consumer-app&lang=en&_=1664774025309
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 7d2de707a9d0a694ad4658501ae85313d31d142c47864184957a700457e4e7a2

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 7
date: Mon, 03 Oct 2022 05:13:45 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 8B9A 117 B
1 KB 117ms
117ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16208405730160280687_1664774025304&code=marketing.pnr.lookup.eligible.error&application=consumer-app&lang=en&_=1664774025309
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: ffb11ce8157c2c9777de10fa2a66bfb1c465af63c79686675d592033b67649aa

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 11
date: Mon, 03 Oct 2022 05:13:45 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

POST
H2 200 rum Show response
www.garuda-indonesia.com/cdn-cgi/ 0
216 B 58ms
57ms XHR
text/plain 2606:4700::6812:ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/travel-voucher?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=HUT_Mandiri24&utm_content=en_01oct&utm_medium=email&utm_source=email&utm_status=true&utm_term=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 Oct 2022 05:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.garuda-indonesia.com
content-type: text/plain
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 754330ba6b7cbbb3-FRA

POST
H2 200 adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAK-BUH/ Frame 8AF4 0
721 B 592ms
187ms XHR
text/html 44.229.87.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAK-BUH/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.229.87.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-229-87-250.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:13:46 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

Verdicts & Comments Add Verdict or Comment

339 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.garuda-indonesia.com/	1970-01-20 06:26:15	Name: __cf_bm Value: ITb3_6EIuPiqG4.mis2MLTH2VOLQ5Qab.8eGkIuS2k0-1664774022-0-AeJyI3PjU+zOoL+KwPms7zfwAwQdY7oxaj9T808YBkbEKHvIB4ITaLc9onYTXyRuL0rgNPdxrJttnVcYL5NSUJE=
.garuda-indonesia.com/	1970-01-20 15:11:50	Name: galocid Value: id
.garuda-indonesia.com/	1970-01-20 15:11:50	Name: galangid Value: en
.garuda-indonesia.com/	1970-01-20 08:35:50	Name: _gcl_au Value: 1.1.2209582.1664774023
.www.garuda-indonesia.com/	1970-01-20 16:02:14	Name: G_ENABLED_IDPS Value: google
.google.com/	1970-01-20 10:49:45	Name: NID Value: 511=DUtfa9VD9FuOqGJDruk3hkvnAobqkrgqPEAVbTCEVOQrPYerEDyniU0MPCDhg-2TH4ZjVKq8OeUmKqGifcTjBmxk-RADscIKsdivPuFMdd5gtLcnuixSsHfutC6uyjJjCzD47OmCdBPjmm5XRrH0-8yocgF6ciEjIyEGwX4TtBk
.garuda-indonesia.com/	1970-01-20 06:27:40	Name: datautmz Value: undefined
.useinsider.com/	1970-01-20 06:26:15	Name: __cf_bm Value: b9YibOX_7VoHEHnjPb4B.zbyyrDcuOGsOFJgdKsPEUU-1664774023-0-AWx7mDyZAiy667GSlCTZ8afSBMkzoP/bUJ/AViU+uPpFzNfu71RoClsLfLfvKJwJw8ZoE6hFloht6ocjfiYbs7s=
track.omguk.com/	1970-01-20 07:52:41	Name: OMG-Channel-1447134 Value: Channel%3Demail
track.omguk.com/	1970-01-20 07:52:41	Name: OMGID Value: UUserID%3D%7B34620688-b4dc-4c49-a531-aa6573444d01%7D
track.omguk.com/	1970-01-20 06:26:15	Name: OMGSession Value: SessionID%3Dd120e6ec28bb4f56942a447cf138187c%26SessionCount%3D0
.garuda-indonesia.com/	1970-01-20 16:02:14	Name: _ga Value: GA1.2.1430314282.1664774024
.garuda-indonesia.com/	1970-01-20 06:27:40	Name: _gid Value: GA1.2.2130253728.1664774024
.garuda-indonesia.com/	1970-01-20 06:26:14	Name: _gat_UA-41803108-14 Value: 1
.doubleclick.net/	1970-01-20 15:47:50	Name: IDE Value: AHWqTUkEFiv6xwDB3py6yR_CjzXnc0NGIqar-c1nuxSq60uPkKksGmPTDh6bMaK7
.garuda-indonesia.com/	1970-01-20 16:02:14	Name: __utma Value: 46826104.1430314282.1664774024.1664774024.1664774024.1
.garuda-indonesia.com/	1969-12-31 23:59:59	Name: __utmc Value: 46826104
.garuda-indonesia.com/	1970-01-20 10:49:02	Name: __utmz Value: 46826104.1664774024.1.1.utmcsr=email\|utmccn=HUT_Mandiri24\|utmcmd=email\|utmcct=en_01oct
.garuda-indonesia.com/	1970-01-20 06:26:14	Name: __utmt Value: 1
.garuda-indonesia.com/	1970-01-20 06:26:15	Name: __utmb Value: 46826104.1.10.1664774024
.mookie1.com/	1970-01-20 15:55:02	Name: id Value: 10523153114135859812
.mookie1.com/	1970-01-20 15:55:02	Name: mdata Value: 1\|10523153114135859812\|1664774023671
.mookie1.com/	1970-01-20 15:55:02	Name: ov Value: 503ad6adba403198dddafc30e3815fd6
www.garuda-indonesia.com/	1969-12-31 23:59:59	Name: ssn Value: 8BA85AB6988553399F5DC60107F873AC07BFCCE198CDDFCD2871A8D062E904C863447DF56A108BD9
.garuda-indonesia.com/	1970-01-20 08:35:50	Name: _fbp Value: fb.1.1664774024157.1183508306
.garuda-indonesia.com/	1970-01-20 06:27:40	Name: cartVisited Value: false
upgrade.plusgrade.com/	1970-01-20 06:36:18	Name: AWSALBCORS Value: 4czcnqbbbFcfik8B/JUq3tedbHdhdhlcv8AOUj21jPuHGTlmUwqvfqirWtokKvwWAWPiUAH8IX+/XEUZjsKPqRLFrF55BzSWeIe9C+MjPaxFL+V8b241ngavUK6n

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 26) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8543057.fls.doubleclick.net
accounts.google.com
adservice.google.com
apis.google.com
assets.api.useinsider.com
cdn.appdynamics.com
col.eum-appdynamics.com
connect.facebook.net
d1adj61x0fgvmc.cloudfront.net
eitri.api.useinsider.com
fonts.googleapis.com
fonts.gstatic.com
garuda.api.useinsider.com
googleads.g.doubleclick.net
hit.api.useinsider.com
id-gmtdmp.mookie1.com
location.api.useinsider.com
log.api.useinsider.com
recaptcha.net
secure.rentalcars.com
segment.api.useinsider.com
static.cloudflareinsights.com
static.xx.fbcdn.net
stats.g.doubleclick.net
track.omguk.com
u14189904.ct.sendgrid.net
upgrade-cdn-prd.plusgrade.com
upgrade.plusgrade.com
widget.api.traveldoc.aero
www.facebook.com
www.garuda-indonesia.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.16.105.108
108.138.7.22
142.250.185.98
142.250.186.166
143.204.89.24
167.89.123.16
191.237.222.171
2600:9000:214f:800:b:2370:c500:93a1
2606:4700:440e::ac40:9c1a
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2606:4700::6812:ac0
2a00:1450:4001:806::200d
2a00:1450:4001:806::200e
2a00:1450:4001:809::2004
2a00:1450:4001:812::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9c
2a00:1450:400d:805::2003
2a00:1450:400d:807::2003
2a00:1450:400d:807::2008
2a00:1450:400d:80c::2002
2a00:1450:400e:801::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.200.208.201
35.227.202.26
44.229.87.250
52.19.234.130
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b3c698921474308b46d25f4ae5597d05e81bdd853353785690c6e9823aebf71
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0d94effcdff37af72df93111227eae455859a0bc8adab80204b0617a28d27405
10ce47be2fd189fa573e0be0a36f686aca67101b9fd56f0b557772525fabfbf2
12d685c442d197aaea68d08837aa903efb9a93f8af81fc78adc663707458fcfb
16ddfaa559c5bdae53a3e6a95c8d7a8a931973699907607688b084c1cb715854
17c56a12bcbd836175e2683aef783d1fdc7f7e96fba1059ca7accd565cd9e713
1a37012cdf1ddece12a47e7063c3a2fa3bf2e490a24f4ac4a295cbc5a6c2c0e5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720
2344ac475d3986fe4306b3d815599dcd451d043ee62bd88ce9fd765de38eda6f
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
27b9713d94a7e074d50e4a75dddf4c5577999644df2d3912d2d774e3ce908583
298072c116af171b0f09af4c992a5e762e04b7894b542079c4bc8ea05279acc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c2024815992a351f6a71d22550e5b636b739a77085862568d8d21cc610b5b62
2ca56b2d38c8d7cecc5b20d0ddb9c4d69e05488da0206fcc59f54710d5f8d6bd
2ec56136b79e74afa2cfe34a774b70ba961bfd68e667f0a9289bfa3114abe20d
3152618b9e2928faf063b4c95beb16abe4ba7bd2217f692b385cb2b1b2c77427
380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44
3896fd85c1e8dc096381803f3be695adb684f9f5638d240344056ad8e52ce9d8
3909a4a17a47921ad787a844e05f0c3fb39d23906426fb39a3ce2495ea9e9f0f
3b452e46ee174574b2038927aa871d1b5ad51bd94adb3dcc76073cd97841135c
3bca31dd337180c989c0af8bd301323411041faf620326d8ddd9505bd4574f93
3cc12075cc87131f3818b8a13899d9bb22676277d7b79de7fdda2165fd8b08d0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42ce80bb624d65ffa4a22816d53aaba30b207fd7cf4aeb7c1cb105e5bfe4aa93
430c4d457d3ceb4b453ecd5f98a6b7a8d2e8b6551c10fe24519d76834d2d699d
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
442622c86932e9a11110c8915a17c3f0d3ecbaabaffe7361a8cde0700bb949cf
44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6
45602df5bf0b09f9877b018a3c5929bd96d7b1ab21a74e312df9cb9e809cc683
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
487f012f5c4800deaa738dfe29eedffdb6be3879e3ccbbadb1d10c8b39f3bf5b
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4bdee3e2e973d16f00ac23acf70b46bb762ffeef358471e2017baad3fdf84779
4ce14963bf8765e1efa838b9d10d008805158f3e7f34166a558481a994e47214
53d966f39e621b4ebbea44474d3f04dd95c5316e2772b30c33cdefe2849b9834
551cacdeb3af7f286ff2f063fe607f616df064ef0c24177fc277d5bf5044c15b
5d4b1172c84f1a8ab503c0f0c30a22adb4e55b5e687ee01cc137c60567b0ec1b
5d9289d80c8a0f25016c5512c537f8b11f71a2fab4024bfd0a036d4ea9bec629
608aadc2860f69c9733d2dadb9c805115f1cdd062cbb9de9187fc74056e2f7c3
610b1df0ebc0df823c1bd44a3a2451cdcdb2003284970bf142a6b5d85ae878a4
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61eef52da89b0a6c719eab460687d6905922766792ea2c21f1cb8c06f59c2b72
62001c694bb883aaa50d69cec8f9682c6b0b00c1ad707963de6225f990bc5cc0
64637d4aa992515b6d20291d5df4a9be804a35fd67937901b899a294bfeb7a95
65440f24f26abf351390af6c013c889e4a071ac973d450c57d697a856a0b88a9
68ed33f482be91ade98b780487b7aeb9056326b28ab3411a47b272ab48f48320
696c11d7c1bffb1fae525fd206fb90cabfc6c6649126ccc87549134c7be44b95
6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1
70d14eef971fe22bc95e984724c991e7a9c15aca71ee67a6f91703cabdbadf68
720c3054025fe041d92554c98ee3059bc9c486f02306f6c484cbfa1aa7e18754
74aa4cc2cf9c728fe868f8c254a1800fc3afc858c9b6eed412a2e8388a89162c
77e7a8743d17c250ac39be238d7472f22a436006e596335d5fe90f8289471ee7
7899c7ff0e69c47a80cf0c3a70a4ec4a7f5d75428580fbb0623b55c6fc00e71b
7c7642d20295b984fa043d105552963fa5da85f5544bd14f15b7a448e89c2227
7d2de707a9d0a694ad4658501ae85313d31d142c47864184957a700457e4e7a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89ca5ede9037036a6eb0a569b49bbff1f1f477803416f27fbccc2199a77163dd
8a462cb1a7e647d7cfdc4ead4541db9834b49f774afde67ca7931d6c76f8550a
8a946a08f157a09df1f78099b80821d3a5c7967d5c824d6ed8f8e78ed7d354a8
8bbc902018814d2eaa65dc57358081877376c1eaf2a3afcc4dc2724f06d08c96
8d9621ceb7bfa71c61c564e5e3e393e50eaf820c89f79e4402a477ee4a3c35cd
8fdf19ec9973e7eed6c4922c14960dc6ffcae25c4e771fa5528eab7306a4a189
901d88fa4ca22353f5f5e573e7925dd50fd983337fdd50a73a566cb3222334ad
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
92fdaf28b8a4d93678a8bc86cc0fd8f2922bd959810f7f2606be1c56bbe45c2e
941062375e5ec293a6471bad5709e6b5fc3650a924337e990f293868795eb592
9ce1291a6c782a5263e68144f1d3c134393f58d9ab06bf8869d2347977d5896d
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9eb7feb44b258b98248cef01f3d74c49f2e18c30c246e2b35cbe71a2ef371694
9f182c5d893cce5021d158f007f1346298f950e8412b203c230d9c8f6f142bf0
9f581c10eadbb1b0b2a2ced0bc3489a98867230027e97a066b88e43f6cedd6ff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2d8a775067365fe519847cf44e4b0c9daa4f5422bd8bae01495b86f85f00892
a3e3a0d80de5ff750a60a4416ba89dce7156c9d4a765b4b358567e2ca87dbb3b
a8d1464b4efce8a7ce0f9ad896372d9e03443c95cc19769fd7116e6b7af7cdcb
a8d505443ea9f4bdab6a6a789c5dc4bb4c6af2050090f110e9141098e023055f
a8e9ec1d5df91e6faf2cedb2ccb4f804a23e498634741cb7dc83281b9ccd5b67
aabddcf836bf9abc6ca392f036a5d3ef3d51d07a8b3cd772af15d15cdecb304a
acec960ff41e65ffc3cf6f305baa541ed496b4543965e929422fc4a05142bce9
adb46fbd75c2606f0e52cb0be59d16488c5aa07c215feb71d3e8d967fe9324b0
b59864b38f0bf2e4ee8fd08023312fbcf79c915590d177ed935ec06f30970898
b5c5be853e53cda97ca5467eef81b15470643d84a5b79f293ab130ea0f735ab4
b99620a33388574b5efbd1a23b1cd1c815a51be43802126f2c350ddd25955483
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
be66cc9a6d7ecf4c3d784eab53c84d41a9c643986ae142df797562964b7ac13c
c04e8bbfa057e098486ff3b17b0e46f85a5e27c89790dfefb48b57cf8f063ce9
c1da456e04605416658f83e9c0a57516823f086afc69fed73b2f61a2ef0c8009
c233728022e0fc64edf67b5e2d7721ee007a1d7006284b0978be106586e95343
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e859339fe165b24836a01ab338dd5a45759fde490fb654f6dc3c11161be55e
d0078a00437cee42f772ddbc087f1c3a7e1bca2310e1a64c26bdb9f21b27c932
d2dc1e37905a74e9cfbd08742681e1475f24ead019db864d2255fc1f6af8f144
d3113e982ca5894327684fe02c925bf65690eaaf164940312bad2c7f391e0f53
d371dc0a22812195bb4393d47224eff8ca2dccf8d09d337e0b8a0bd9e564c63d
d3ac9c7d322af017cd393020b211eb170d42828625b442205f8a71549bdc40f9
d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316
d82d9748622d550e9448cc827d5c0159dd095b969ae9f2df03b84cf20e65fa4e
dc1d0c8b38383a03262c2fb87cc930ce224bb50f9979870cb97091764416d077
de00a543120ad30304350de0735bd3642e8c5bf7a74b1b25d473a67ecaa3b84a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de54222aeed9f0503d5d0f11f548bf3bf9f0ae20a2ab9e8b477f0e61508d89dd
e3225c62f78158e1b20d6913eda44028d006dc1d33b61c52d4909b644dec0911
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ca8c1b227c4ed301d58fdba4c8b0a58307f0dd6e47b040148a806d26196164
ead9b6523f6f250f5ac9e6daad3ab4468406ebf45a8856cca4508ea1557232d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d463a4a998b42d90d561456acdcd90dbd4a3219382d98a6c7a775a26ff8ba9
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f652a403a343af5f7d5f4999168960f55aed86bbdff472ef4da0fa8fbd81ef5f
f6f20560981a2b709ad0b6f99186003f196973f3cc74299ad5c98438e5fced92
f8fdffcdc31327f9b595502bde2183bc278d0dd3f40e1535b1d4a6418e54f068
f914e2dd08ab144b439ac851962f79c84eda996f2bcfa9e92df03d425875856b
fb9161d6327f859c0a77c4abe352b5a887e1ddb976f9c66825594b213d8e7e13
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff8f6e2aae88247f15e51c5057b9408b807b545aa7763e623625ba1fca33cbad
ffb11ce8157c2c9777de10fa2a66bfb1c465af63c79686675d592033b67649aa

www.garuda-indonesia.com Open in urlscan Pro 2606:4700::6812:ac0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

99 %HTTPS

65 %IPv6

24 Domains

37 Subdomains

31 IPs

5 Countries

6470 kBTransfer

13872 kBSize

27 Cookies

16 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.garuda-indonesia.com Open in urlscan Pro
2606:4700::6812:ac0 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

99 %
HTTPS

65 %
IPv6

24
Domains

37
Subdomains

31
IPs

5
Countries

6470 kB
Transfer

13872 kB
Size

27
Cookies

181 HTTP transactions
5 data transactions