www.garuda-indonesia.com Open in urlscan Pro
104.18.10.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u14189904.ct.sendgrid.net/ls/click?upn=dAUPm36d30ZSS8ctpTykwtDK5Uujy-2BDYbPBr7ySRVXhqK1Lc3QuVpblS-2FYjQXG6aEZ8mBOkrLEk9GLg...
Effective URL:
https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCm...
Submission: On October 03 via api (October 3rd 2022, 5:11:06 am UTC) from US — Scanned from DE

Summary HTTP 190 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 24 domains to perform 190 HTTP transactions. The main IP is 104.18.10.192, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is www.garuda-indonesia.com. The Cisco Umbrella rank of the primary domain is 333714.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on August 18th 2022. Valid for: a year.

This is the only time www.garuda-indonesia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
37	104.18.10.192 104.18.10.192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.250.201.195 142.250.201.195	15169 (GOOGLE) (GOOGLE)
4	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
2	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
11	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
15	172.217.20.3 172.217.20.3	15169 (GOOGLE) (GOOGLE)
1 7	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
1 9	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
3	142.250.186.173 142.250.186.173	15169 (GOOGLE) (GOOGLE)
18	104.16.105.108 104.16.105.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	34.200.208.201 34.200.208.201	14618 (AMAZON-AES) (AMAZON-AES)
1	172.64.156.26 172.64.156.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1 3	142.250.27.154 142.250.27.154	15169 (GOOGLE) (GOOGLE)
1	13.32.121.58 13.32.121.58	16509 (AMAZON-02) (AMAZON-02)
12	162.159.133.61 162.159.133.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.128.135.179 108.128.135.179	16509 (AMAZON-02) (AMAZON-02)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
2	142.250.179.202 142.250.179.202	15169 (GOOGLE) (GOOGLE)
2 6	142.250.74.196 142.250.74.196	15169 (GOOGLE) (GOOGLE)
6	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
12	108.138.7.22 108.138.7.22	16509 (AMAZON-02) (AMAZON-02)
3	191.237.222.171 191.237.222.171	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.134.61 162.159.134.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
6	143.204.89.24 143.204.89.24	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
2	52.26.189.79 52.26.189.79	16509 (AMAZON-02) (AMAZON-02)
190	31

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u14189904.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 104.18.10.192 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

www.garuda-indonesia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.201.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f3.1e100.net

recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.20.3 (United States)

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.180.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 157.240.20.35 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.173 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.16.105.108 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

secure.rentalcars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.200.208.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-208-201.compute-1.amazonaws.com

upgrade.plusgrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.156.26 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f206.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

8543057.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.27.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ra-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-58.fra60.r.cloudfront.net

d1adj61x0fgvmc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 162.159.133.61 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

garuda.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eitri.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.135.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-135-179.eu-west-1.compute.amazonaws.com

track.omguk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

id-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.179.202 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s42-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.196 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 108.138.7.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-22.fra56.r.cloudfront.net

upgrade-cdn-prd.plusgrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 191.237.222.171 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

widget.api.traveldoc.aero	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.134.61 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.89.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-24.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.26.189.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-189-79.us-west-2.compute.amazonaws.com

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	garuda-indonesia.com www.garuda-indonesia.com — Cisco Umbrella Rank: 333714	917 KB
24	plusgrade.com upgrade.plusgrade.com — Cisco Umbrella Rank: 136101 upgrade-cdn-prd.plusgrade.com — Cisco Umbrella Rank: 146510	852 KB
18	rentalcars.com secure.rentalcars.com — Cisco Umbrella Rank: 180379	190 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
13	useinsider.com garuda.api.useinsider.com — Cisco Umbrella Rank: 778924 segment.api.useinsider.com — Cisco Umbrella Rank: 21343 location.api.useinsider.com — Cisco Umbrella Rank: 22026 log.api.useinsider.com — Cisco Umbrella Rank: 15057 assets.api.useinsider.com — Cisco Umbrella Rank: 29511 eitri.api.useinsider.com — Cisco Umbrella Rank: 28206 hit.api.useinsider.com — Cisco Umbrella Rank: 17835	126 KB
12	google.com 2 redirects apis.google.com — Cisco Umbrella Rank: 109 accounts.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 76	74 KB
10	recaptcha.net recaptcha.net — Cisco Umbrella Rank: 1901	75 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 8543057.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	25 KB
9	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 114	39 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6301 adservice.google.de — Cisco Umbrella Rank: 8962	2 KB
6	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3146	89 KB
6	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 743	430 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	59 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	201 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	367 KB
3	traveldoc.aero widget.api.traveldoc.aero — Cisco Umbrella Rank: 688709	65 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	34 KB
2	eum-appdynamics.com col.eum-appdynamics.com — Cisco Umbrella Rank: 2174	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	2 KB
1	mookie1.com id-gmtdmp.mookie1.com — Cisco Umbrella Rank: 230733	640 B
1	omguk.com track.omguk.com — Cisco Umbrella Rank: 35342	563 B
1	cloudfront.net d1adj61x0fgvmc.cloudfront.net	352 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1029	5 KB
1	sendgrid.net 1 redirects u14189904.ct.sendgrid.net	525 B
190	24

	Domain	Requested by
37	www.garuda-indonesia.com	www.garuda-indonesia.com static.cloudflareinsights.com
18	secure.rentalcars.com	www.garuda-indonesia.com secure.rentalcars.com
15	www.gstatic.com	recaptcha.net accounts.google.com www.gstatic.com
12	upgrade-cdn-prd.plusgrade.com	upgrade.plusgrade.com upgrade-cdn-prd.plusgrade.com
12	upgrade.plusgrade.com	www.garuda-indonesia.com upgrade-cdn-prd.plusgrade.com
10	recaptcha.net	www.garuda-indonesia.com www.gstatic.com recaptcha.net
9	www.facebook.com	1 redirects connect.facebook.net www.garuda-indonesia.com
6	cdn.appdynamics.com	www.googletagmanager.com cdn.appdynamics.com
6	static.xx.fbcdn.net	www.facebook.com
6	www.google.de	www.garuda-indonesia.com
6	www.google.com	2 redirects www.garuda-indonesia.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.garuda-indonesia.com
5	log.api.useinsider.com	www.garuda-indonesia.com
5	connect.facebook.net	www.garuda-indonesia.com connect.facebook.net
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
4	www.googletagmanager.com	www.garuda-indonesia.com secure.rentalcars.com
3	widget.api.traveldoc.aero	www.garuda-indonesia.com widget.api.traveldoc.aero
3	stats.g.doubleclick.net	1 redirects www.garuda-indonesia.com www.google-analytics.com
3	accounts.google.com	apis.google.com www.garuda-indonesia.com www.gstatic.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	col.eum-appdynamics.com	cdn.appdynamics.com
2	hit.api.useinsider.com	garuda.api.useinsider.com
2	fonts.googleapis.com	secure.rentalcars.com
2	garuda.api.useinsider.com	www.googletagmanager.com garuda.api.useinsider.com
2	8543057.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	apis.google.com	www.garuda-indonesia.com apis.google.com
1	fonts.gstatic.com	recaptcha.net
1	adservice.google.de	adservice.google.com
1	eitri.api.useinsider.com	garuda.api.useinsider.com
1	assets.api.useinsider.com	garuda.api.useinsider.com
1	location.api.useinsider.com	garuda.api.useinsider.com
1	segment.api.useinsider.com	garuda.api.useinsider.com
1	adservice.google.com	8543057.fls.doubleclick.net
1	id-gmtdmp.mookie1.com	www.garuda-indonesia.com
1	track.omguk.com	www.garuda-indonesia.com
1	d1adj61x0fgvmc.cloudfront.net	www.garuda-indonesia.com
1	static.cloudflareinsights.com	www.garuda-indonesia.com
1	u14189904.ct.sendgrid.net	1 redirects
190	38

This site contains links to these domains. Also see Links.

Domain
www.railink.co.id
garudashop.garuda-indonesia.com
www.skyteam.com
sp.booking.com
www.traveldoc.aero
voucher.garuda-indonesia.com
www.worldtracer.aero
eproc.garuda-indonesia.com
paskahomologasi.garuda-indonesia.com
career.garuda-indonesia.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.garuda-indonesia.com GeoTrust EV RSA CA 2018	`2022-08-18` - `2023-08-23`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
secure.rentalcars.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-11-12`	a year	crt.sh
*.plusgrade.com Amazon	`2022-02-19` - `2023-03-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2022-02-22` - `2023-02-21`	a year	crt.sh
*.omguk.com Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.api.traveldoc.aero Go Daddy Secure Certificate Authority - G2	`2022-01-09` - `2023-01-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-22`	a year	crt.sh
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-07-15`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Frame ID: F38EC2F9A1E61A62C70E29CC76724D62
Requests: 97 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 4F764354B3D2FA998E52F7A78146244F
Requests: 4 HTTP requests in this frame

Frame: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Frame ID: 1F397471262EC6AA8DFEB32EC10E289A
Requests: 15 HTTP requests in this frame

Frame: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Frame ID: 3EDD06AC3B19AF776A25EA90680CB7DC
Requests: 12 HTTP requests in this frame

Frame: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Frame ID: A926457E6B418C99E2BE71437A38DE23
Requests: 15 HTTP requests in this frame

Frame: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Frame ID: 164E0E3D401223A5D3A4935067172A20
Requests: 12 HTTP requests in this frame

Frame: https://8543057.fls.doubleclick.net/activityi;dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D
Frame ID: BA9676C1EACFAA098A6EF5327D56A9B1
Requests: 1 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=iseuola50lk4
Frame ID: CB3A3D8C4C108220464479DDEA4F8E97
Requests: 4 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=dx74bhm5h7h3
Frame ID: 7746FF4F75D2B2B60050316105D7DF87
Requests: 8 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=yuf9x5djibn9
Frame ID: 7B03F638A05AD6496A86F21C78E6C0F2
Requests: 4 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D
Frame ID: 15EA4004F91CDFC8D7CC2CF4E6AA421D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15a811a37482e8%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=
Frame ID: 928B4119CD953B1FF2A3B4D9FE5134C8
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa62c6bb4a44%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=
Frame ID: 4DA6935874F72DDFA48C46E9D60E6FC3
Requests: 3 HTTP requests in this frame

Frame: https://garuda.api.useinsider.com/worker-new.html
Frame ID: CD3C9A00DFCC565DD55625D24A6941CC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D
Frame ID: F021AA0DDF1320CC28F5F9DB711CC6CE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3686b103f308e8%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=45&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=
Frame ID: 2AA253E895AB3BFE7E4BB71326771D89
Requests: 3 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo
Frame ID: 4995DC1F93CEA61EA35825D7AD41B131
Requests: 3 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo
Frame ID: F76E0EF86580321066841AE503741593
Requests: 3 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo
Frame ID: 0A6F944DD8736A8EC6AAD15A80EC6C62
Requests: 3 HTTP requests in this frame

Frame: https://cdn.appdynamics.com/adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html
Frame ID: B374BD6F38D7F531AD2DAB525E979EF3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.appdynamics.com/adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html
Frame ID: FC182E91567B676204658F70248AF4F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SPECIAL 24TH BANK MANDIRI ANNIVERSARY - Garuda Indonesia

Page URL History Show full URLs

https://u14189904.ct.sendgrid.net/ls/click?upn=dAUPm36d30ZSS8ctpTykwtDK5Uujy-2BDYbPBr7ySRVXhqK1Lc3QuVpblS-2FYj... HTTP 302
https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltS... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

Optimise (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

track\.omguk\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

190
Requests

98 %
HTTPS

0 %
IPv6

24
Domains

38
Subdomains

31
IPs

4
Countries

4904 kB
Transfer

12826 kB
Size

27
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.railink.co.id/
Title: Airport Train Ticket

Search URL Search Domain Scan URL

URL: https://garudashop.garuda-indonesia.com/

Search URL Search Domain Scan URL

URL: http://www.skyteam.com/

Search URL Search Domain Scan URL

URL: https://sp.booking.com/index.html?aid=2127874
Title: Book Hotel

Search URL Search Domain Scan URL

URL: https://www.traveldoc.aero/
Title: Powered By

Search URL Search Domain Scan URL

URL: https://voucher.garuda-indonesia.com/
Title: Travel Voucher

Search URL Search Domain Scan URL

URL: http://www.worldtracer.aero/filedsp/ga.htm
Title: Travel Voucher

Search URL Search Domain Scan URL

URL: https://eproc.garuda-indonesia.com/
Title: Procurement Online

Search URL Search Domain Scan URL

URL: https://paskahomologasi.garuda-indonesia.com/
Title: Post Homologation

Search URL Search Domain Scan URL

URL: http://career.garuda-indonesia.com/
Title: Career

Search URL Search Domain Scan URL

URL: https://www.facebook.com/garudaindonesia/

Search URL Search Domain Scan URL

URL: https://twitter.com/IndonesiaGaruda

Search URL Search Domain Scan URL

URL: https://www.instagram.com/garuda.indonesia/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GarudaIndonesia1949

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/id/app/garuda-indonesia-mobile/id961859722?mt=8&at=&ct=&ign-mpt=uo%3D6

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ursabyte.garudaindonesiaairlines&hl=en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u14189904.ct.sendgrid.net/ls/click?upn=dAUPm36d30ZSS8ctpTykwtDK5Uujy-2BDYbPBr7ySRVXhqK1Lc3QuVpblS-2FYjQXG6aEZ8mBOkrLEk9GLgGK60mSsvnAGZRV-2FVtE37ZN0cQLbjcGs38OuT5rpiJfbflYF9PZ2dir67iaduXzRR8wdtXecxdIi06-2FDRK0t9TnhWEouYR4BtJGRlby2It25IheBg-2FO7GTtjAP5d9ujb4qLr4exsiV-2FnRou3wdPv8ZcXhDXkwpyt0LTf9yYLTmK1xaXMdGTeIxJvbRN0d6J-2F8DK2Mk-2BVV-2FVH8TtytmmTCZBwCNJL8vIS0V38Dcf5PkPnT1eq-2BLj-2Bp9FtX0wPLYLDYgX-2F00tCyzhfNhrZ3wgXKH55uOhMuLt5VPlh9H7BHlFrKwr76Z8fBofnNJDRKa8TxVGQIvew2RZgF2xbRaHPWh10-2BxA7MdG-2FbM6y0JA2M0s5GCppeo9aRP_RSarYHuR1TFTboLaUqY9qP45x1aESfdhQuaoEdtrW-2F3-2BkQz5beR35-2Bh2l-2Bct3BNCMzZnkfIwGpUzAA-2B971eBCnay-2Biqwr1FwmfSazuUowH8Qhu2z6uZycbe6uqoPzVhcdOvv665Q5j3Nm6LAwHEqlY-2B6JvVPcB3srdwR5Aggsf-2BfQKMocBu4D27c4NZeUUdeiJKCJbxAQQ5gtt7JVyOVrFyqYDKARP16NjFPa1zluLzUSwCSQHGEOqMY-2FuMhlY8whzIVY-2FebuUfo-2Bkpd5MwtdhLIqeZ2Q7-2B2D85EE96mqWQ-2FIwl6cAs5BqtYYngfG0K9DlIhi8ww7O50BQ7SK6FrlEh9uKs50VzYuM6P5ZN5G2ukHQG-2BVkqmNqaXbKRCown3-2FUK89kusp7DMYEjMXx7BDYJXTPCRjgqftL15AOj6llik-2FYOsNRQXl6hEhrClyc0xJsAjd3GdB1gIX9OGLrNIQwwQUJHGzRM0YPJ1AOhICWc0Q2fdp-2FULd-2BVNHCYz7KhBNw-2Fi97IKH-2BQsFDngOtHAkYbdzqFRyM6Yljk9yaNNydRxRVYC6Z-2B07EX5LpshfLh6j8O6ABafUE7ZA5RVUVIJoP-2BfefqmrTZC2pyqusCQdMniJxNtsTAag5J-2BUZsGydrNxDlYHkfAk8GmSstChX-2B5Dy0BTnyc4G4SKZfEm5BDSpocBagRlx1IUAxkMcfz8jahdWsXkWyCOWijql68wC5ELBE06b8ar7pJ6E4EgFpqAPJJ1ShQXg8nXwAs8GOnTSSELP9b0FiU3tn6cUXQ1JrNr5uQi9y1DiVali9269dhFNJqB7BbwPsdpxTQQCIYPw1I HTTP 302
https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.facebook.com/tr/?id=2077467505731265&ev=fb_page_view&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&rl=&if=false&ts=1664773859763&sw=1600&sh=1200&at= HTTP 302
https://www.facebook.com/tr/?at=&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ev=fb_page_view&id=2077467505731265&if=false&redirect=0&rl=&sh=1200&sw=1600&ts=1664773859763

Request Chain 56

https://8543057.fls.doubleclick.net/activityi;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D HTTP 302
https://8543057.fls.doubleclick.net/activityi;dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D

Request Chain 71

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/399566689/?random=1150555630&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&auid=2115931848.1664773860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=4246Y4j5OoTFmLAPyOOB0AY&sscte=1&crd=CJqqsQI&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTLsYSy0oMOsV0eGGHx4REZfFhTH7cRLOZQ&pscrd=Ek9DaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUkltQUhncS1hb21ZZkVubGR4dENjcU1mbDhxdFpMVjJOaWtzcnJTSWM3U3RuSmZQcVAyUC1BGlpDaEVJOE8za21RWVFfNUdfN3ZHZHpZYkFBUkl1QURtS0NqYkFTTS1SRDlQLUJFRW50alBNNWRFQktnOUtNSDh2YThlNGQ3M2pFT3pOTnh3V0J0TjVQNXprQWc HTTP 302
https://www.google.com/pagead/1p-conversion/399566689/?random=1150555630&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&auid=2115931848.1664773860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek9DaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUkltQUhncS1hb21ZZkVubGR4dENjcU1mbDhxdFpMVjJOaWtzcnJTSWM3U3RuSmZQcVAyUC1BGlpDaEVJOE8za21RWVFfNUdfN3ZHZHpZYkFBUkl1QURtS0NqYkFTTS1SRDlQLUJFRW50alBNNWRFQktnOUtNSDh2YThlNGQ3M2pFT3pOTnh3V0J0TjVQNXprQWc&is_vtc=1&ocp_id=4246Y4j5OoTFmLAPyOOB0AY&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTJtmKU2MxrkFffYwUPrm4KFVcC0msgJOBg&random=4092535259&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/399566689/?random=1150555630&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&auid=2115931848.1664773860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek9DaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUkltQUhncS1hb21ZZkVubGR4dENjcU1mbDhxdFpMVjJOaWtzcnJTSWM3U3RuSmZQcVAyUC1BGlpDaEVJOE8za21RWVFfNUdfN3ZHZHpZYkFBUkl1QURtS0NqYkFTTS1SRDlQLUJFRW50alBNNWRFQktnOUtNSDh2YThlNGQ3M2pFT3pOTnh3V0J0TjVQNXprQWc&is_vtc=1&ocp_id=4246Y4j5OoTFmLAPyOOB0AY&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTJtmKU2MxrkFffYwUPrm4KFVcC0msgJOBg&random=4092535259&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 103

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=654201221&utmhn=www.garuda-indonesia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&utmhid=1405588215&utmr=-&utmp=%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D%3F%26URL%3Dwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%26wt_market%3DID%26wt_language%3DEN%26wt_device%3DDESKTOP&utmht=1664773860428&utmac=UA-41803108-2&utmcc=__utma%3D46826104.1612840651.1664773860.1664773860.1664773860.1%3B%2B__utmz%3D46826104.1664773860.1.1.utmcsr%3Demail%7Cutmccn%3DHUT_Mandiri24%7Cutmcmd%3Demail%7Cutmcct%3Den_01oct%3B&utmjid=900282191&utmredir=3&utmu=qhAAAAAACAAAAAAAAgABAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1612840651.1664773860&jid=900282191&_v=5.7.2dc&z=654201221 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1612840651.1664773860&jid=900282191&_v=5.7.2dc&z=654201221&slf_rd=1&random=199862497

190 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request HUT-MANDIRI24 Show response
www.garuda-indonesia.com/id/en/special-offers/sales-promotion/
Redirect Chain

https://u14189904.ct.sendgrid.net/ls/click?upn=dAUPm36d30ZSS8ctpTykwtDK5Uujy-2BDYbPBr7ySRVXhqK1Lc3QuVpblS-2FYjQXG6aEZ8mBOkrLEk9GLgGK60mSsvnAGZRV-2FVtE37ZN0cQLbjcGs38OuT5rpiJfbflYF9PZ2dir67iaduXzRR8...
https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_conten...

623 KB
81 KB

1118ms
784ms

Document
text/html

104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a90a00a4b9cb6d388a135510a77edb5152dc0338b0c90d6ec1016d496000429d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=3600
cf-cache-status: MISS
cf-ray: 75432ca6fd5f912e-FRA
content-disposition: inline
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 03 Oct 2022 05:10:59 GMT
expires: Mon, 03 Oct 2022 06:10:59 GMT
last-modified: Mon, 03 Oct 2022 05:10:59 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 392
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Oct 2022 05:10:58 GMT
Location: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 api.js Show response
recaptcha.net/recaptcha/ 909 B
991 B 450ms
53ms Script
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

d0078a00437cee42f772ddbc087f1c3a7e1bca2310e1a64c26bdb9f21b27c932

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 05:10:59 GMT

GET
H2 200 clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
www.garuda-indonesia.com/etc/designs/garuda/ 634 KB
221 KB 26ms
24ms Stylesheet
text/css 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65440f24f26abf351390af6c013c889e4a071ac973d450c57d697a856a0b88a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 22:18:38 GMT
server: cloudflare
age: 283941
cf-polished: status=cannot_optimize
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: public, max-age=604800
cf-ray: 75432cabee44912e-FRA
expires: Mon, 10 Oct 2022 05:10:59 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/ 91 KB
33 KB 49ms
47ms Script
application/javascript 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 06:19:18 GMT
server: cloudflare
age: 514301
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
content-disposition: attachment
cf-ray: 75432cabee45912e-FRA
expires: Mon, 10 Oct 2022 05:10:59 GMT

GET
H2 200 jquery.newsTicker.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/news_ticker/ 4 KB
1 KB 25ms
23ms Script
application/javascript 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/news_ticker/jquery.newsTicker.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d82d9748622d550e9448cc827d5c0159dd095b969ae9f2df03b84cf20e65fa4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432227
cf-polished: origSize=12510
content-disposition: attachment
cf-bgj: minify
last-modified: Wed, 28 Sep 2022 05:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 75432cabee46912e-FRA
expires: Mon, 10 Oct 2022 05:10:59 GMT

GET
H2 200 bootstrap-select.min.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/ 33 KB
10 KB 33ms
31ms Script
application/javascript 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/bootstrap-select.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 28 Sep 2022 05:07:12 GMT
server: cloudflare
age: 432227
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
content-disposition: attachment
cf-ray: 75432cabee47912e-FRA
expires: Mon, 10 Oct 2022 05:10:59 GMT

GET
H2 200 AjaxRequest.class.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/ 4 KB
2 KB 24ms
23ms Script
application/javascript 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/AjaxRequest.class.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c5be853e53cda97ca5467eef81b15470643d84a5b79f293ab130ea0f735ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 416098
cf-polished: origSize=14735
content-disposition: attachment
cf-bgj: minify
last-modified: Wed, 28 Sep 2022 09:36:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 75432cabee48912e-FRA
expires: Mon, 10 Oct 2022 05:10:59 GMT

GET
H2 200 jquery.validate.js Show response
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/membership/ 26 KB
7 KB 32ms
31ms Script
application/javascript 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/membership/jquery.validate.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bca31dd337180c989c0af8bd301323411041faf620326d8ddd9505bd4574f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 426262
cf-polished: origSize=40182
content-disposition: attachment
cf-bgj: minify
last-modified: Wed, 28 Sep 2022 06:46:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 75432cabee49912e-FRA
expires: Mon, 10 Oct 2022 05:10:59 GMT

GET
H2 200 clientlib-all.min.38b7a6fba6d39553394c66cfcabcd7b7.js Show response
www.garuda-indonesia.com/etc/designs/garuda/ 909 KB
231 KB 38ms
37ms Script
application/javascript 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.38b7a6fba6d39553394c66cfcabcd7b7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f914e2dd08ab144b439ac851962f79c84eda996f2bcfa9e92df03d425875856b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 28 Sep 2022 17:25:51 GMT
server: cloudflare
age: 387908
cf-polished: origSize=1127334
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=604800
cf-ray: 75432cabee4a912e-FRA
expires: Mon, 10 Oct 2022 05:10:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 364ms
25ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-681405943

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

372be624def8cdd41f99d650197254de75fb30411ab34226d6deb7581165f2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46812
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 05:10:59 GMT

GET
H2 200 tanpa-pesawat.png
www.garuda-indonesia.com/content/dam/garuda/loader/ 2 KB
2 KB 28ms
27ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/loader/tanpa-pesawat.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b3c698921474308b46d25f4ae5597d05e81bdd853353785690c6e9823aebf71

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 548657
cf-polished: origFmt=png, origSize=7502
content-disposition: inline; filename="tanpa-pesawat.webp"
content-length: 1844
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 20:46:42 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432cacbfcd912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 pesawat.png
www.garuda-indonesia.com/content/dam/garuda/loader/ 1 KB
1 KB 18ms
17ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/loader/pesawat.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca56b2d38c8d7cecc5b20d0ddb9c4d69e05488da0206fcc59f54710d5f8d6bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 431898
cf-polished: origFmt=png, origSize=6593
content-disposition: inline; filename="pesawat.webp"
content-length: 1088
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Sep 2022 05:12:41 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432cacbfcf912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 logo-loader.png
www.garuda-indonesia.com/content/dam/garuda/loader/ 4 KB
4 KB 43ms
42ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/loader/logo-loader.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3152618b9e2928faf063b4c95beb16abe4ba7bd2217f692b385cb2b1b2c77427

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 31330
cf-polished: origFmt=png, origSize=5741
content-disposition: inline; filename="logo-loader.webp"
content-length: 4192
cf-bgj: imgq:85,h2pri
last-modified: Sun, 02 Oct 2022 20:28:49 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432cacbfd1912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 404 Poppins-Regular.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 23ms
23ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.woff2

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 483157
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cac6f32912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 404 Poppins-Regular.woff
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 20ms
20ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.woff

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 407671
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cacd80e912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 200 fontawesome-webfont.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/css/fonts/ 75 KB
76 KB 29ms
29ms Font
application/octet-stream 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/css/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 01 Oct 2022 19:52:28 GMT
server: cloudflare
age: 119911
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 75432cacd815912e-FRA
content-length: 77160
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 404 Poppins-SemiBold.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 26ms
26ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.woff2

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 483157
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cacd819912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 200 floating-mandiri24-en.JPG
www.garuda-indonesia.com/content/dam/garuda/floating-banner/ 11 KB
11 KB 28ms
27ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/floating-banner/floating-mandiri24-en.JPG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3225c62f78158e1b20d6913eda44028d006dc1d33b61c52d4909b644dec0911

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 151133
cf-polished: qual=85, origFmt=jpeg, origSize=26985
content-disposition: inline; filename="floating-mandiri24-en.webp"
content-length: 11552
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 11:12:06 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75432cace829912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 373ms
23ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:10:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "95a07626e083cec6"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:10:59 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 338ms
9ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

bae70b6c0c16c18ec7adab648dd330784a17e8ce108c2794598a9641c989326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.garuda-indonesia.com/
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:10:59 GMT
content-md5: kw/ycpWISJufo+FOeYcMeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: aRKfHv+O5G4Ye3K9L4YpFwvPR3QRZ/ti0XbpD5LT8Rt/p4Zr9+F9TRxIEtTWS6KDT7cUusvaEWQwss7/Lg/z7A==
x-fb-trip-id: 2050670934
x-fb-content-md5: 5906ef26e83eb6b21d9196f0faae779f
cross-origin-opener-policy: same-origin-allow-popups
etag: "6a02992c2c4324bbcb48284d8127eb86"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 03 Oct 2022 05:12:38 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 337ms
8ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

bae70b6c0c16c18ec7adab648dd330784a17e8ce108c2794598a9641c989326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:10:59 GMT
content-md5: kw/ycpWISJufo+FOeYcMeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: aRKfHv+O5G4Ye3K9L4YpFwvPR3QRZ/ti0XbpD5LT8Rt/p4Zr9+F9TRxIEtTWS6KDT7cUusvaEWQwss7/Lg/z7A==
x-fb-trip-id: 917726464
x-fb-content-md5: 5906ef26e83eb6b21d9196f0faae779f
cross-origin-opener-policy: same-origin-allow-popups
etag: "6a02992c2c4324bbcb48284d8127eb86"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 03 Oct 2022 05:12:38 GMT

GET
H2 200 logoGmiles-2x.png
www.garuda-indonesia.com/content/dam/garuda/logo/ 3 KB
3 KB 19ms
19ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/logo/logoGmiles-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

941062375e5ec293a6471bad5709e6b5fc3650a924337e990f293868795eb592

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 346856
cf-polished: origFmt=png, origSize=5908
content-disposition: inline; filename="logoGmiles-2x.webp"
content-length: 2828
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 04:50:03 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432cace82f912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b452e46ee174574b2038927aa871d1b5ad51bd94adb3dcc76073cd97841135c

Request headers

Referer
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92fdaf28b8a4d93678a8bc86cc0fd8f2922bd959810f7f2606be1c56bbe45c2e

Request headers

Referer
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c7642d20295b984fa043d105552963fa5da85f5544bd14f15b7a448e89c2227

Request headers

Referer
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 404 Poppins-Bold.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 21ms
21ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.woff2

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 328977
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cacf85d912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 404 Poppins-Regular.ttf
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 23ms
21ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.ttf

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 426328
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cad087b912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 200 gshop_logo.png
www.garuda-indonesia.com/content/dam/garuda/logo/ 3 KB
3 KB 20ms
20ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/logo/gshop_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a946a08f157a09df1f78099b80821d3a5c7967d5c824d6ed8f8e78ed7d354a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 346856
cf-polished: origFmt=png, origSize=9540
content-disposition: inline; filename="gshop_logo.webp"
content-length: 2978
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 04:50:03 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432cad087d912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 logoGA-2x.png
www.garuda-indonesia.com/content/dam/garuda/logo/ 7 KB
7 KB 23ms
22ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/logo/logoGA-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff8f6e2aae88247f15e51c5057b9408b807b545aa7763e623625ba1fca33cbad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 328976
cf-polished: origFmt=png, origSize=14648
content-disposition: inline; filename="logoGA-2x.webp"
content-length: 7426
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 09:48:03 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432cad087f912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 404 Poppins-SemiBold.woff
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 20ms
20ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.woff

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 483146
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cad1891912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 404 Poppins-Bold.woff
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 28ms
27ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.woff

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 79431
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cad189d912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 404 Poppins-SemiBold.ttf
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 23ms
23ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.ttf

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 426328
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cad38ce912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 404 Poppins-Bold.ttf
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/ 0
0 19ms
19ms Font
text/html 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.ttf

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 486839
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=14400
content-disposition: inline
cf-ray: 75432cad48eb912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 200 landing-mandiri24-en.JPG
www.garuda-indonesia.com/content/dam/garuda/offers/ 154 KB
154 KB 25ms
24ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/offers/landing-mandiri24-en.JPG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c811c3c4868830bf69d5a8b1da5bd3497a3a3e68d2ad4b359e7680c9ee7f9088

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 65720
cf-polished: qual=85, origFmt=jpeg, origSize=292551
content-disposition: inline; filename="landing-mandiri24-en.webp"
content-length: 157270
cf-bgj: imgq:85,h2pri
last-modified: Sun, 02 Oct 2022 10:55:39 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75432cae1a4d912e-FRA
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 392 KB
157 KB 408ms
29ms Script
text/javascript 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 149ms
54ms Script
text/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-681405943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:10:59 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 8ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4ff171b788730b72738d95487daf070a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

285de02294e9c3316c932b5e0bd7db5440ecf91d9067018db2647843d6f9bca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.garuda-indonesia.com/
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:10:59 GMT
content-md5: o5df0aLosK/aHcUc1vrQgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86930
x-fb-rlafr: 0
x-fb-debug: apTV+/7r20J++8tD2pKnBlPBo2b6R0iNRHaBXa4xy9uG9sOgsWizSTrdy/fM9d0w90iYPcE6FfI+28EEsTcAYw==
x-fb-trip-id: 2050670934
x-fb-content-md5: 55815d4995bfe8b83eab76a4a4a8b6b6
cross-origin-opener-policy: same-origin-allow-popups
etag: "ab458131fb31c0945019f201309d99a4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Oct 2023 02:54:17 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 140 KB
47 KB 15ms
14ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

a8d1464b4efce8a7ce0f9ad896372d9e03443c95cc19769fd7116e6b7af7cdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 10:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48050
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 10:12:46 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 362ms
45ms Fetch
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=2077467505731265&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4ff171b788730b72738d95487daf070a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Mon, 03 Oct 2022 05:11:00 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 7V7hSzxCWb/9j3TERzNVVzNqg1gQmkvUfo56QquuNwN8Oae+GuIqdH6OE21Y1lqqHjCkJZhuAYJiCESLJCzNXA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.garuda-indonesia.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 326ms
9ms Image
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2077467505731265&ev=fb_page_view&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&rl=&if=false&ts=1664773859762&sw=1600&sh=1200&at=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:11:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=2077467505731265&ev=fb_page_view&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNl...
https://www.facebook.com/tr/?at=&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%...

0
31 B

308ms
7ms

Image
text/plain

157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?at=&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ev=fb_page_view&id=2077467505731265&if=false&redirect=0&rl=&sh=1200&sw=1600&ts=1664773859763

Requested by

Protocol

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:11:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?at=&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ev=fb_page_view&id=2077467505731265&if=false&redirect=0&rl=&sh=1200&sw=1600&ts=1664773859763
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 4F76 280 B
1 KB 409ms
45ms Document
text/html 142.250.186.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.173 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f13.1e100.net

Software

ESF /

Resource Hash

7e451b43913e763ebf143a3fd9b109a28b7d70070a107b0aadffd03aa0a52b41

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-UcVKCJBdEKZ789MCoh8SJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-UcVKCJBdEKZ789MCoh8SJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/ Frame 1F39 4 KB
2 KB 170ms
138ms Document
text/html 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

551cacdeb3af7f286ff2f063fe607f616df064ef0c24177fc277d5bf5044c15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 75432cb01c906937-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 05:10:59 GMT
last-modified: Tue, 08 Feb 2022 14:03:26 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-envoy-upstream-service-time: 53
x-xss-protection: 1; mode=block

GET
H2 200 Garuda Show response
upgrade.plusgrade.com/offer/ Frame 3EDD 4 KB
5 KB 332ms
117ms Document
text/html 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68ed33f482be91ade98b780487b7aeb9056326b28ab3411a47b272ab48f48320

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-language: en
content-type: text/html;charset=utf-8
date: Mon, 03 Oct 2022 05:11:00 GMT
server: Apache-Coyote/1.1
via: kong/0.12.3
x-kong-proxy-latency: 0
x-kong-upstream-latency: 18
x-robots-tag: noindex

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/681405943/ 3 KB
1 KB 451ms
61ms Script
text/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/681405943/?random=1664773859829&cv=9&fst=1664773859829&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&auid=2115931848.1664773860&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

bb9eabbfac1e1955d6180a50d270c3296e25abfe11fcfba55dc11247cb586fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/ Frame A926 4 KB
2 KB 199ms
173ms Document
text/html 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

551cacdeb3af7f286ff2f063fe607f616df064ef0c24177fc277d5bf5044c15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 75432cb01c926937-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 05:11:00 GMT
last-modified: Tue, 08 Feb 2022 14:03:26 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-envoy-upstream-service-time: 44
x-xss-protection: 1; mode=block

GET
H2 200 Garuda Show response
upgrade.plusgrade.com/offer/ Frame 164E 4 KB
5 KB 405ms
196ms Document
text/html 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68ed33f482be91ade98b780487b7aeb9056326b28ab3411a47b272ab48f48320

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-language: en
content-type: text/html;charset=utf-8
date: Mon, 03 Oct 2022 05:11:00 GMT
server: Apache-Coyote/1.1
via: kong/0.12.3
x-kong-proxy-latency: 0
x-kong-upstream-latency: 18
x-robots-tag: noindex

GET
H2 200 logoSkyteam-2x.jpg
www.garuda-indonesia.com/content/dam/garuda/logo/ 6 KB
6 KB 23ms
21ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/logo/logoSkyteam-2x.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ce47be2fd189fa573e0be0a36f686aca67101b9fd56f0b557772525fabfbf2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 320480
cf-polished: qual=85, origFmt=jpeg, origSize=31236
content-disposition: inline; filename="logoSkyteam-2x.webp"
content-length: 5942
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 12:09:39 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432caffd86912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 icn-store-apple-2x.png
www.garuda-indonesia.com/content/dam/garuda/ 3 KB
3 KB 20ms
18ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/icn-store-apple-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adb46fbd75c2606f0e52cb0be59d16488c5aa07c215feb71d3e8d967fe9324b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 330241
cf-polished: origFmt=png, origSize=8976
content-disposition: inline; filename="icn-store-apple-2x.webp"
content-length: 3058
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 09:26:58 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432caffd87912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 icn-store-google-2x.png
www.garuda-indonesia.com/content/dam/garuda/ 4 KB
4 KB 24ms
22ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/icn-store-google-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be66cc9a6d7ecf4c3d784eab53c84d41a9c643986ae142df797562964b7ac13c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 328975
cf-polished: origFmt=png, origSize=10109
content-disposition: inline; filename="icn-store-google-2x.webp"
content-length: 3996
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 09:48:04 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432caffd89912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 logo_white.png
www.garuda-indonesia.com/content/dam/garuda/new-revamp/ 4 KB
5 KB 20ms
19ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/new-revamp/logo_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9289d80c8a0f25016c5512c537f8b11f71a2fab4024bfd0a036d4ea9bec629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 346856
cf-polished: origFmt=png, origSize=6574
content-disposition: inline; filename="logo_white.webp"
content-length: 4534
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 04:50:03 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432caffd8a912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 wbcc-2018-large-text.png
www.garuda-indonesia.com/content/dam/garuda/ 16 KB
16 KB 21ms
20ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/wbcc-2018-large-text.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de54222aeed9f0503d5d0f11f548bf3bf9f0ae20a2ab9e8b477f0e61508d89dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 328975
cf-polished: origFmt=png, origSize=25385
content-disposition: inline; filename="wbcc-2018-large-text.webp"
content-length: 15920
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 09:48:04 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432caffd8c912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 5starcovidwhite.png
www.garuda-indonesia.com/content/dam/garuda/ 16 KB
16 KB 26ms
25ms Image
image/webp 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.garuda-indonesia.com/content/dam/garuda/5starcovidwhite.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

608aadc2860f69c9733d2dadb9c805115f1cdd062cbb9de9187fc74056e2f7c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
cf-cache-status: HIT
age: 330241
cf-polished: origFmt=png, origSize=27629
content-disposition: inline; filename="5starcovidwhite.webp"
content-length: 16306
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Sep 2022 09:26:58 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 75432caffd8d912e-FRA
expires: Thu, 03 Nov 2022 05:10:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
87 KB 38ms
37ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d7ccc97dbbe16e7851ec9645c7c525d82ab5f9ef0901251c17fd976597492000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89468
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 05:10:59 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 376ms
46ms Script
text/javascript 172.64.156.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.156.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.garuda-indonesia.com/
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 75432cb20d018fe0-FRA

GET
H2 200 glyphicons-halflings-regular.woff2
www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/css/fonts/ 18 KB
18 KB 20ms
20ms Font
application/octet-stream 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/css/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-all.min.f65f5211ccca59e6c566aefdd62ccec1.css
Origin: https://www.garuda-indonesia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 01 Oct 2022 16:07:16 GMT
server: cloudflare
age: 133423
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-disposition: attachment
accept-ranges: bytes
cf-ray: 75432cb00d98912e-FRA
content-length: 18028
expires: Mon, 03 Oct 2022 09:10:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 347ms
13ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 541
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 07:01:59 GMT

GET
H3

200

activityi;dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspe... Show response
8543057.fls.doubleclick.net/ Frame BA96
Redirect Chain

https://8543057.fls.doubleclick.net/activityi;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fs...
https://8543057.fls.doubleclick.net/activityi;dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww....

837 B
560 B

54ms
26ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8543057.fls.doubleclick.net/activityi;dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

42109e7ed95b2e4c7e00b6f2a4b5c24c31b09f1a8572550ac68322cdb46eb369

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8543057.fls.doubleclick.net/activityi;dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 349ms
15ms Script
text/javascript 142.250.27.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.27.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 03:55:33 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4527
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Mon, 03 Oct 2022 05:55:33 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 73ms
72ms Script
text/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 05:10:59 GMT

GET
H2 200 uni.js Show response
d1adj61x0fgvmc.cloudfront.net/35BF4504/ 0
352 B 340ms
8ms Script
application/x-javascript 13.32.121.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1adj61x0fgvmc.cloudfront.net/35BF4504/uni.js
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 02 Oct 2022 20:23:43 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
last-modified: Thu, 18 Sep 2014 10:36:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 31638
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: wuneTh56SBVRQprtQbjr71dkXb39DwE_OS1dbjGB4jkwC5TMoebizA==

GET
H2 200 ins.js Show response
garuda.api.useinsider.com/ 439 KB
113 KB 361ms
27ms Script
application/javascript 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garuda.api.useinsider.com/ins.js?id=10001306

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HZKLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3909a4a17a47921ad787a844e05f0c3fb39d23906426fb39a3ce2495ea9e9f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: nmAQ1MlXBspeFtyrlKqn2PKV4Wx6suwZ
cf-cache-status: HIT
x-amz-request-id: F79WCQ9SBY4YY640
age: 160
content-encoding: br
x-amz-id-2: FIJkBeLCbZlYNJLSr1EoJRsClntSWTmECR54Tw4l8EiObcUzQ0azikUyZjPcpKQeZpg+Fv6PGYk=
x-xss-protection: 1
pragma: public
last-modified: Mon, 03 Oct 2022 04:26:55 GMT
server: cloudflare
etag: W/"e2e59448766bd06f5b142d3f1b31a197"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 75432cb2ac496928-FRA
expires: Mon, 03 Oct 2022 05:16:00 GMT

GET
H2 200 / Show response
track.omguk.com/e/qs/ 0
563 B 167ms
69ms Script
text/javascript 108.128.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://track.omguk.com/e/qs/?action=Content&MID=1447134&PID=33526&ref=https%3A//www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 8ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Oct 2022 05:10:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7TvgPIEdnZIydFSkMTIFzzMqdObHTytXSG93n7VdWEOw9kZ/RpJDfuMlQnf4bISq89sw0vzoVi9NWG+w655pIQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 activity
id-gmtdmp.mookie1.com/t/v2/ 43 B
640 B 374ms
265ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_774351&src.device=desktop&src.location=id&src.rand=211051664773859930
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/943648473/ 3 KB
1 KB 184ms
60ms Script
text/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/943648473/?random=1664773859936&cv=9&fst=1664773859936&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&auid=2115931848.1664773860&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e21a608ad80f22b87610f7ec3df6c9b13619f7ecf03ceb62bfe03a1ca2e5b3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/399566689/ 3 KB
2 KB 56ms
56ms Script
text/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/399566689/?random=1664773859936&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&auid=2115931848.1664773860&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e891417332cca6a94244303b6778408ee36fb64e95f91036570f6daca8b2d7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1597
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 248325143618417 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 8ms
8ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/248325143618417?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

fb9161d6327f859c0a77c4abe352b5a887e1ddb976f9c66825594b213d8e7e13

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Oct 2022 05:10:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85888
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZMF7SUT6Imp8uy529lrY1nY+8m2/llAAaUZPNPiLh/KOXvO4UsmdABXXe//u7c4UHFGABfH5SscqiDh+uHW9eA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 308ms
7ms Image
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=248325143618417&ev=PageView&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&rl=&if=false&ts=1664773860006&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664773860005.232034213&it=1664773859959&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:11:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1F39 5 KB
740 B 350ms
20ms Stylesheet
text/css 142.250.179.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s42-in-f10.1e100.net

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 04:52:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 05:11:00 GMT

GET
H2 200 base.css
secure.rentalcars.com/partners/integrations/stand-alone-app/css/ Frame 1F39 16 KB
5 KB 43ms
43ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/css/base.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04e8bbfa057e098486ff3b17b0e46f85a5e27c89790dfefb48b57cf8f063ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1013
cf-polished: origSize=16706
x-envoy-upstream-service-time: 75
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 09:10:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4142-5d94cc5649b00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 75432cb12e486937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H2 200 app.min.js Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/js/ Frame 1F39 213 KB
76 KB 37ms
37ms Script
application/javascript 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead9b6523f6f250f5ac9e6daad3ab4468406ebf45a8856cca4508ea1557232d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6873
x-envoy-upstream-service-time: 68
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:03:28 GMT
server: cloudflare
etag: W/"35365-5d7822e6a6c00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 75432cb12e4b6937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/399566689/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/399566689/?random=1150555630&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/399566689/?random=1150555630&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/399566689/?random=1150555630&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
108 B

35ms
33ms

Image
image/gif

142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/399566689/?random=1150555630&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&auid=2115931848.1664773860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek9DaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUkltQUhncS1hb21ZZkVubGR4dENjcU1mbDhxdFpMVjJOaWtzcnJTSWM3U3RuSmZQcVAyUC1BGlpDaEVJOE8za21RWVFfNUdfN3ZHZHpZYkFBUkl1QURtS0NqYkFTTS1SRDlQLUJFRW50alBNNWRFQktnOUtNSDh2YThlNGQ3M2pFT3pOTnh3V0J0TjVQNXprQWc&is_vtc=1&ocp_id=4246Y4j5OoTFmLAPyOOB0AY&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTJtmKU2MxrkFffYwUPrm4KFVcC0msgJOBg&random=4092535259&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/399566689/?random=1150555630&cv=9&fst=1664773859936&num=1&value=0&label=ewqWCLLy6fwBEOHOw74B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&auid=2115931848.1664773860&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek9DaEVJOE8za21RWVE5NTI1M2Fha3YtM2FBUkltQUhncS1hb21ZZkVubGR4dENjcU1mbDhxdFpMVjJOaWtzcnJTSWM3U3RuSmZQcVAyUC1BGlpDaEVJOE8za21RWVFfNUdfN3ZHZHpZYkFBUkl1QURtS0NqYkFTTS1SRDlQLUJFRW50alBNNWRFQktnOUtNSDh2YThlNGQ3M2pFT3pOTnh3V0J0TjVQNXprQWc&is_vtc=1&ocp_id=4246Y4j5OoTFmLAPyOOB0AY&eitems=ChAI8O3kmQYQwcPDqPLRtoIzEh0AW3dUTJtmKU2MxrkFffYwUPrm4KFVcC0msgJOBg&random=4092535259&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945725739/ 3 KB
1 KB 75ms
67ms Script
text/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945725739/?random=1664773860024&cv=9&fst=1664773860024&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

d356367a75edfe22bfce408e321a4fea2da0ddd7ba668840b7272741adc78ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1193
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A926 5 KB
1 KB 329ms
19ms Stylesheet
text/css 142.250.179.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s42-in-f10.1e100.net

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 04:01:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 05:11:00 GMT

GET
H2 200 base.css
secure.rentalcars.com/partners/integrations/stand-alone-app/css/ Frame A926 16 KB
5 KB 34ms
33ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/css/base.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04e8bbfa057e098486ff3b17b0e46f85a5e27c89790dfefb48b57cf8f063ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1013
cf-polished: origSize=16706
x-envoy-upstream-service-time: 75
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Mar 2022 09:10:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4142-5d94cc5649b00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 75432cb13e796937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H2 200 app.min.js Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/js/ Frame A926 213 KB
76 KB 30ms
29ms Script
application/javascript 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead9b6523f6f250f5ac9e6daad3ab4468406ebf45a8856cca4508ea1557232d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6873
x-envoy-upstream-service-time: 68
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:03:28 GMT
server: cloudflare
etag: W/"35365-5d7822e6a6c00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 75432cb13e7d6937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H2 200 anchor Show response
recaptcha.net/recaptcha/api2/ Frame CB3A 43 KB
23 KB 367ms
66ms Document
text/html 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=iseuola50lk4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

cdd17401da8f215c2c73acfba18b46c1043f804661652a2ee266d97704bd5e7f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yIRFtly86AIrnYzCZQ6isA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23376
content-security-policy: script-src 'report-sample' 'nonce-yIRFtly86AIrnYzCZQ6isA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
recaptcha.net/recaptcha/api2/ Frame 7746 43 KB
23 KB 381ms
80ms Document
text/html 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

7121011a53bbf9d816b0f861abfc0fe014b545c888883961092456820f506c43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Sg90FV5ejh3Sz3kEnDDa9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23250
content-security-policy: script-src 'report-sample' 'nonce-Sg90FV5ejh3Sz3kEnDDa9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
recaptcha.net/recaptcha/api2/ Frame 7B03 43 KB
23 KB 372ms
71ms Document
text/html 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

db3c8d13264319a1fb49b333bb7d61b33b42098a20fda4d4947e90f704846f60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KxwgPH6NgCvn_SAUR6QVZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23301
content-security-policy: script-src 'report-sample' 'nonce-KxwgPH6NgCvn_SAUR6QVZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offer... Show response
adservice.google.com/ddm/fls/i/ Frame 15EA 836 B
1004 B 446ms
66ms Document
text/html 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D

Requested by

Host: 8543057.fls.doubleclick.net
URL: https://8543057.fls.doubleclick.net/activityi;dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

78507485c6d918c51ba19638ebc04e9d06352ed38e91b5a81f89bcdfb7a834e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8543057.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 combined.css.h-393099160.pack
upgrade-cdn-prd.plusgrade.com/offer/ Frame 3EDD 98 KB
17 KB 699ms
651ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.css.h-393099160.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: de00a543120ad30304350de0735bd3642e8c5bf7a74b1b25d473a67ecaa3b84a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
etag: pack-393099160
x-powered-by: pack:tag
x-kong-proxy-latency: 0
content-type: text/css;charset=utf-8
x-kong-upstream-latency: 3
cache-control: private
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: oB5L-ST2YAO2ERvG-ZjYhobRBgmBPJ_0xnW7pm7O4yjSjkVuk4KvDQ==
expires: Thu, 30 Sep 2032 05:11:00 GMT

GET
H2 200 combined.js.h-1914596992.pack Show response
upgrade-cdn-prd.plusgrade.com/offer/ Frame 3EDD 89 KB
32 KB 516ms
469ms Script
text/javascript 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.js.h-1914596992.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: a3e3a0d80de5ff750a60a4416ba89dce7156c9d4a765b4b358567e2ca87dbb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
etag: pack-1914596992
x-powered-by: pack:tag
x-kong-proxy-latency: 0
content-type: text/javascript;charset=utf-8
x-kong-upstream-latency: 2
cache-control: private
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: 2LDpPpPfhnRBVb46rJpJyhw1gxTus48SIcqJxBI2f2gohmR4oB1Mbw==
expires: Thu, 30 Sep 2032 05:11:00 GMT

GET
H2 200 combined.css.h-257728711.pack
upgrade-cdn-prd.plusgrade.com/offer/ Frame 3EDD 23 KB
5 KB 607ms
560ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.css.h-257728711.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: 45602df5bf0b09f9877b018a3c5929bd96d7b1ab21a74e312df9cb9e809cc683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-powered-by: pack:tag
x-kong-proxy-latency: 0
x-cache: Miss from cloudfront
x-kong-upstream-latency: 2
content-length: 4353
server: Apache-Coyote/1.1
etag: pack-257728711
content-type: text/css;charset=utf-8
cache-control: private
x-robots-tag: noindex
x-amz-cf-id: 3mBa-ZkFytEic_kJAIqgtqUW_EyY1-UnLZbSoLgPbHHSbmZawZjlBA==
expires: Thu, 30 Sep 2032 05:11:00 GMT

GET
H2 200 lookup.js Show response
upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/ Frame 3EDD 336 KB
337 KB 827ms
780ms Script
text/javascript 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: c1da456e04605416658f83e9c0a57516823f086afc69fed73b2f61a2ef0c8009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
via: kong/0.12.3, 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
x-kong-proxy-latency: 0
x-cache: Miss from cloudfront
content-language: en
content-type: text/javascript;charset=UTF-8
x-kong-upstream-latency: 16
cache-control: no-cache, no-store
x-robots-tag: noindex
x-amz-cf-id: _5Gl8dsHJp0TBK8dq9uKaOjQkI_AnLTfZ42gd1Jfj887gE_LMtrLXg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 4F76 2 KB
914 B 341ms
40ms Other
text/html 142.250.186.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.173 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f13.1e100.net

Software

GSE /

Resource Hash

f5b88251d4efb261ca5e8b650fcdbf4cc6290159aa6e8a88f345bd1e93417ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.eJOmNFtKVN8.es5.O/d=1/rs=AOaEmlEFcwHlVJ4B0u3e71WJCcV_vzbOGA/ Frame 4F76 99 KB
35 KB 776ms
96ms Script
text/javascript 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.eJOmNFtKVN8.es5.O/d=1/rs=AOaEmlEFcwHlVJ4B0u3e71WJCcV_vzbOGA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

f8fdffcdc31327f9b595502bde2183bc278d0dd3f40e1535b1d4a6418e54f068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 03:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34875
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 05:40:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 03:59:40 GMT

POST
H2 200 GarudaBookingServlet Show response
www.garuda-indonesia.com/garudaapinew/ 58 B
133 B 878ms
878ms XHR
text/xml 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/garudaapinew/GarudaBookingServlet

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d966f39e621b4ebbea44474d3f04dd95c5316e2772b30c33cdefe2849b9834

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://www.garuda-indonesia.com
cf-ray: 75432cb29a35912e-FRA

POST
H2 200 GetSiteMap Show response
www.garuda-indonesia.com/garudaapinew/ 214 B
402 B 725ms
724ms XHR
text/xml 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/garudaapinew/GetSiteMap

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02af61d00baa1b2768cd4af22b20a1125092ad8cf300f5eb3f22d1171e2f5592

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://www.garuda-indonesia.com
cf-ray: 75432cb2ba5d912e-FRA

GET
H2 200 Amala Show response
www.garuda-indonesia.com/garudaapinew/ 72 B
137 B 817ms
817ms XHR
application/json 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/garudaapinew/Amala?f=cekstatus

Requested by

Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64637d4aa992515b6d20291d5df4a9be804a35fd67937901b899a294bfeb7a95

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75432cb2fb1b912e-FRA
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK Script.js Show response
widget.api.traveldoc.aero/JS/ 30 KB
9 KB 373ms
40ms Script
text/javascript 191.237.222.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.api.traveldoc.aero/JS/Script.js?Color=Default&Orientation=Standard&ClientContainer=submenu-traveldoc-floating&Language=en&_=1664773859247
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 191.237.222.171 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 430c4d457d3ceb4b453ecd5f98a6b7a8d2e8b6551c10fe24519d76834d2d699d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 05:10:59 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Mon, 03 Oct 2022 05:11:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=10
Content-Length: 9149
Expires: Mon, 03 Oct 2022 05:11:10 GMT

GET
H2 200 login_button.php Show response
www.facebook.com/v6.0/plugins/ Frame 928B 31 KB
14 KB 364ms
62ms Document
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15a811a37482e8%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4ff171b788730b72738d95487daf070a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

d52732b29196ecf61f97f6b105fe7b4bd781dd284274a8aa1c566423c8ddce38

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: gll7lCq1HvGFVqAAezpsQW4xoM5VuF+PcSRFRu8CPQAmpq59/fMD+6ZYKmopvt3os+25jTX04HTy/v/yXeP+cg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 login_button.php Show response
www.facebook.com/v6.0/plugins/ Frame 4DA6 31 KB
12 KB 364ms
63ms Document
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa62c6bb4a44%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4ff171b788730b72738d95487daf070a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

959a9b98d3d60f7145449f05f5135b90c1d7fffa64420d3d2533ee4f1fa70c42

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: MJeWTfD4js4lk8LfHzSTFbvhZfu+ne3+2H0ns7k+c5qgfiT19gHrFndWBbAYhbZuRCjhk4CglMpdxnGhF+l9wQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 combined.css.h-393099160.pack
upgrade-cdn-prd.plusgrade.com/offer/ Frame 164E 98 KB
17 KB 1053ms
1052ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.css.h-393099160.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: de00a543120ad30304350de0735bd3642e8c5bf7a74b1b25d473a67ecaa3b84a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
etag: pack-393099160
x-powered-by: pack:tag
x-kong-proxy-latency: 0
content-type: text/css;charset=utf-8
x-kong-upstream-latency: 2
cache-control: private
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: wcJiTqpQKrKpzfLT6Kkq2BS77wRt8tpmC4A4TTlnbBHw40xNU_IrpQ==
expires: Thu, 30 Sep 2032 05:11:01 GMT

GET
H2 200 combined.js.h-1914596992.pack Show response
upgrade-cdn-prd.plusgrade.com/offer/ Frame 164E 89 KB
32 KB 1053ms
1053ms Script
text/javascript 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.js.h-1914596992.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: a3e3a0d80de5ff750a60a4416ba89dce7156c9d4a765b4b358567e2ca87dbb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
etag: pack-1914596992
x-powered-by: pack:tag
x-kong-proxy-latency: 0
content-type: text/javascript;charset=utf-8
x-kong-upstream-latency: 2
cache-control: private
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: MQkAZ27cgUEqsUmQHou60DyIWHwepoKRJye-lIeIUOd2f-b32e-hhA==
expires: Thu, 30 Sep 2032 05:11:01 GMT

GET
H2 200 combined.css.h-257728711.pack
upgrade-cdn-prd.plusgrade.com/offer/ Frame 164E 23 KB
5 KB 869ms
868ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/combined.css.h-257728711.pack
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 / pack:tag
Resource Hash: 45602df5bf0b09f9877b018a3c5929bd96d7b1ab21a74e312df9cb9e809cc683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: gzip
via: kong/0.12.3, 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-powered-by: pack:tag
x-kong-proxy-latency: 0
x-cache: Miss from cloudfront
x-kong-upstream-latency: 2
content-length: 4353
server: Apache-Coyote/1.1
etag: pack-257728711
content-type: text/css;charset=utf-8
cache-control: private
x-robots-tag: noindex
x-amz-cf-id: AbgVb9Ovi_kQnh_xbqH_Rd5KvKFuCtNhM_rjh2qyWARsiE2Yw792UQ==
expires: Thu, 30 Sep 2032 05:11:01 GMT

GET
H2 200 lookup.js Show response
upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/ Frame 164E 336 KB
337 KB 1129ms
1129ms Script
text/javascript 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Requested by: Host: upgrade.plusgrade.com
URL: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: c1da456e04605416658f83e9c0a57516823f086afc69fed73b2f61a2ef0c8009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3, 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA56-P6
x-kong-proxy-latency: 0
x-cache: Miss from cloudfront
content-language: en
content-type: text/javascript;charset=UTF-8
x-kong-upstream-latency: 22
cache-control: no-cache, no-store
x-robots-tag: noindex
x-amz-cf-id: fsSD_CWnwJaukB2TzVL_qhI1rL4bY4DhkGmrCbpuHEDcyTw-6n16Bw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/943648473/ 42 B
548 B 329ms
26ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/943648473/?random=1664773859936&cv=9&fst=1664773200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&async=1&fmt=3&is_vtc=1&random=1316051048&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/943648473/ 42 B
108 B 363ms
28ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/943648473/?random=1664773859936&cv=9&fst=1664773200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&async=1&fmt=3&is_vtc=1&random=1316051048&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/681405943/ 42 B
108 B 328ms
27ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/681405943/?random=1664773859829&cv=9&fst=1664773200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&async=1&fmt=3&is_vtc=1&random=3908147709&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/681405943/ 42 B
108 B 363ms
29ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/681405943/?random=1664773859829&cv=9&fst=1664773200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&async=1&fmt=3&is_vtc=1&random=3908147709&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/945725739/ 42 B
108 B 331ms
30ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945725739/?random=1664773860024&cv=9&fst=1664773200000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&fmt=3&is_vtc=1&random=3865261741&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/945725739/ 42 B
548 B 362ms
27ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/945725739/?random=1664773860024&cv=9&fst=1664773200000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&tiba=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&fmt=3&is_vtc=1&random=3865261741&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 321ms
20ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1405588215&t=pageview&_s=1&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ul=en-us&de=UTF-8&dt=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1778789872&gjid=619938106&cid=1612840651.1664773860&tid=UA-41803108-14&_gid=1340679680.1664773860&_r=1&gtm=2wg9s05HZKLL&cg1=OFFERS&cg2=ID-EN&cd9=GA%2FID%2FEN%2FOFFERS&z=1183244668

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.garuda-indonesia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.garuda-indonesia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=654201221&utmhn=www.garuda-indonesia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1612840651.1664773860&jid=900282191&_v=5.7.2dc&z=654201221
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1612840651.1664773860&jid=900282191&_v=5.7.2dc&z=654201221&slf_rd=1&random=199862497

42 B
107 B

325ms
24ms

Image
image/gif

142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1612840651.1664773860&jid=900282191&_v=5.7.2dc&z=654201221&slf_rd=1&random=199862497

Requested by

Protocol

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41803108-2&cid=1612840651.1664773860&jid=900282191&_v=5.7.2dc&z=654201221&slf_rd=1&random=199862497
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame A926 486 KB
117 KB 375ms
74ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dafdfb67fa4dc62c7f9b132a43c1aa45ba8a6971614df131062d6de5cb803259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119241
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 05:11:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1F39 486 KB
116 KB 439ms
138ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

67c59501c03e92a210906807915add76c343f237486b70372fb3daf6b35828e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119121
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 05:11:00 GMT

GET
H2 200 worker-new.html Show response
garuda.api.useinsider.com/ Frame CD3C 10 KB
3 KB 22ms
21ms Document
text/html 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garuda.api.useinsider.com/worker-new.html
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d14eef971fe22bc95e984724c991e7a9c15aca71ee67a6f91703cabdbadf68

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 160
cache-control: public, max-age=1382400
cf-cache-status: HIT
cf-ray: 75432cb3ede76928-FRA
content-encoding: br
content-type: text/html
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Wed, 19 Oct 2022 05:11:00 GMT
last-modified: Thu, 29 Sep 2022 14:46:34 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 styles.css
secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/ Frame A926 4 KB
1 KB 43ms
43ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/styles.css

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce14963bf8765e1efa838b9d10d008805158f3e7f34166a558481a994e47214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 159
cf-polished: origSize=4723
x-envoy-upstream-service-time: 70
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:07:14 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1273-5d7823be2e880-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 75432cb3fa5c6937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H2 200 styles.css
secure.rentalcars.com/partners/integrations/stand-alone-app/import/garuda/ Frame A926 864 B
493 B 42ms
42ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/import/garuda/styles.css

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7899c7ff0e69c47a80cf0c3a70a4ec4a7f5d75428580fbb0623b55c6fc00e71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 159
cf-polished: origSize=1081
x-envoy-upstream-service-time: 66
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:05:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"439-5d782346f8f40-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 75432cb40a616937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H2 200 en.json Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/default/ Frame A926 13 KB
3 KB 130ms
129ms XHR
application/json 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/default/en.json

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d371dc0a22812195bb4393d47224eff8ca2dccf8d09d337e0b8a0bd9e564c63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Feb 2022 14:06:03 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
etag: W/"3379-5d78237a788c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/json
x-envoy-upstream-service-time: 61
cf-ray: 75432cb40a676937-FRA
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/garuda/ Frame A926 932 B
1 KB 112ms
112ms XHR
application/json 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/garuda/en.json

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61eef52da89b0a6c719eab460687d6905922766792ea2c21f1cb8c06f59c2b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Feb 2022 14:06:32 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
etag: W/"3a4-5d78239620a00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/json
x-envoy-upstream-service-time: 66
cf-ray: 75432cb40a6a6937-FRA
x-xss-protection: 1; mode=block

GET
H2 200 garuda.html Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/partials/layout/ Frame A926 1 KB
940 B 165ms
165ms XHR
text/html 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/partials/layout/garuda.html

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a8b1891e37660da6063480a1ddf420c6acb8f282ba43c850f7f3a90af790ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Feb 2022 14:05:39 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
x-envoy-upstream-service-time: 34
cf-ray: 75432cb40a6c6937-FRA
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/ Frame 1F39 4 KB
1 KB 40ms
40ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/styles.css

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce14963bf8765e1efa838b9d10d008805158f3e7f34166a558481a994e47214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 159
cf-polished: origSize=4723
x-envoy-upstream-service-time: 70
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:07:14 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1273-5d7823be2e880-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 75432cb40a796937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H2 200 styles.css
secure.rentalcars.com/partners/integrations/stand-alone-app/import/garuda/ Frame 1F39 864 B
375 B 51ms
51ms Stylesheet
text/css 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/import/garuda/styles.css

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7899c7ff0e69c47a80cf0c3a70a4ec4a7f5d75428580fbb0623b55c6fc00e71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 159
cf-polished: origSize=1081
x-envoy-upstream-service-time: 66
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:05:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"439-5d782346f8f40-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 75432cb40a7d6937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H2 200 en.json Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/default/ Frame 1F39 13 KB
3 KB 167ms
167ms XHR
application/json 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/default/en.json

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d371dc0a22812195bb4393d47224eff8ca2dccf8d09d337e0b8a0bd9e564c63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Feb 2022 14:06:03 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
etag: W/"3379-5d78237a788c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/json
x-envoy-upstream-service-time: 62
cf-ray: 75432cb40a806937-FRA
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/garuda/ Frame 1F39 932 B
795 B 126ms
125ms XHR
application/json 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/stand-alone-data/garuda/en.json

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61eef52da89b0a6c719eab460687d6905922766792ea2c21f1cb8c06f59c2b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Feb 2022 14:06:32 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
etag: W/"3a4-5d78239620a00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/json
x-envoy-upstream-service-time: 71
cf-ray: 75432cb40a826937-FRA
x-xss-protection: 1; mode=block

GET
H2 200 garuda.html Show response
secure.rentalcars.com/partners/integrations/stand-alone-app/partials/layout/ Frame 1F39 1 KB
1 KB 591ms
591ms XHR
text/html 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/partials/layout/garuda.html

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a8b1891e37660da6063480a1ddf420c6acb8f282ba43c850f7f3a90af790ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Feb 2022 14:05:39 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
x-envoy-upstream-service-time: 517
cf-ray: 75432cb40a856937-FRA
x-xss-protection: 1; mode=block

GET
H2 200 166477386052475e9420a59.32425118 Show response
segment.api.useinsider.com/v4/segments/ 927 B
771 B 383ms
57ms XHR
application/json 162.159.134.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/166477386052475e9420a59.32425118?partnerid=10001306&fields=840717911cdadec97a4de7edb820a350,ba0efa73f658fd0ea7f992a20d120f4b&
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.134.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bdee3e2e973d16f00ac23acf70b46bb762ffeef358471e2017baad3fdf84779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 75432cb63f5b9bb0-FRA

GET
H2 200 / Show response
location.api.useinsider.com/ 248 B
579 B 377ms
47ms XHR
application/json 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10001306&
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec769743a3c27a76a6408da6cd3cabdd68fd826bb83a8b76a0d923032f397886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: application/json
cache-control: no-cache, private
cf-ray: 75432cb65c359975-FRA

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
139 B 58ms
45ms Image
image/gif 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vSFVULU1BTkRJUkkyND9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPWh1dF9tYW5kaXJpMjQmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMW9jdCZ1dG1fY29udGVudD1lbl8wMW9jdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJyZWZlcmVyIjoiaHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb20vaWQvZW4vc3BlY2lhbC1vZmZlcnMvc2FsZXMtcHJvbW90aW9uL0hVVC1NQU5ESVJJMjQ%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1odXRfbWFuZGlyaTI0JnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzFvY3QmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwidXNlcklkIjoiMTY2NDc3Mzg2MDUyNDc1ZTk0MjBhNTkuMzI0MjUxMTgiLCJwbGF0Zm9ybSI6IndlYiIsImN1c3RvbVNlZ21lbnRJZCI6MiwibG9nVHlwZSI6ImltcHJlc3Npb24ifQ%3D%3D&t=cs&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75432cb47e9f6928-FRA
content-length: 42
content-type: image/gif

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame CB3A 52 KB
24 KB 411ms
57ms Stylesheet
text/css 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=iseuola50lk4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame CB3A 392 KB
157 KB 461ms
107ms Script
text/javascript 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 45ms
45ms Image
image/gif 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vSFVULU1BTkRJUkkyND9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPWh1dF9tYW5kaXJpMjQmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMW9jdCZ1dG1fY29udGVudD1lbl8wMW9jdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJyZWZlcmVyIjoiaHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb20vaWQvZW4vc3BlY2lhbC1vZmZlcnMvc2FsZXMtcHJvbW90aW9uL0hVVC1NQU5ESVJJMjQ%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1odXRfbWFuZGlyaTI0JnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzFvY3QmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwidXNlcklkIjoiMTY2NDc3Mzg2MDUyNDc1ZTk0MjBhNTkuMzI0MjUxMTgiLCJwbGF0Zm9ybSI6IndlYiIsIm9yaWdpbmFsUHJpY2UiOjAsIm9yaWdpbmFsQ3VycmVuY3kiOiJJRFIiLCJjb252ZXJ0ZWRDdXJyZW5jeSI6IklEUiIsImNvbnZlcnRlZFByaWNlIjowLCJzZXNzaW9uSWQiOiJibVptWm1ZME0zY3RiVE0xT1MxdWRIbDRMV2xuZG0wdGFtTnNhWFJyWjJocmVtOTFYekUyTmpRM056TTROakU9Iiwic2FsZXNTZXNJZCI6IiIsInNhbGVzU2VzVGltZSI6InVuZGVmaW5lZC0xNjY0NzczODYxIiwib3JkZXJJZCI6IiIsInBhaWRQcm9kdWN0cyI6IltdIiwiY2FtcElkIjoiYzcwIiwidHlwZSI6ImltcHJlc3Npb24iLCJvdGhlciI6IiIsImN1c3RvbVN1YklkIjoiTi9BIiwicHJvZHVjdFR5cGUiOiJjdXN0b20ifQ%3D%3D&t=cu&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75432cb47ea16928-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 314ms
13ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1405588215&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ul=en-us&de=UTF-8&dt=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Save%20User%20Informations%20-%20Inmail-impressions-custom&el=(builder%20ID%3A%20488)%20-%20Variation%20Ratio%3A%20100%25&_utma=46826104.1612840651.1664773860.1664773860.1664773860.1&_utmz=46826104.1664773860.1.1.utmcsr%3Demail%7Cutmccn%3DHUT_Mandiri24%7Cutmcmd%3Demail%7Cutmcct%3Den_01oct&_utmht=1664773860549&_u=aGDCCEABBAAAAC~&jid=&gjid=&cid=1612840651.1664773860&tid=UA-41803108-14&_gid=1340679680.1664773860&gtm=2wg9s05HZKLL&z=2137188910

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 18:52:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37111
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 42ms
42ms Image
image/gif 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vSFVULU1BTkRJUkkyND9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPWh1dF9tYW5kaXJpMjQmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMW9jdCZ1dG1fY29udGVudD1lbl8wMW9jdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJyZWZlcmVyIjoiaHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb20vaWQvZW4vc3BlY2lhbC1vZmZlcnMvc2FsZXMtcHJvbW90aW9uL0hVVC1NQU5ESVJJMjQ%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1odXRfbWFuZGlyaTI0JnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzFvY3QmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwidXNlcklkIjoiMTY2NDc3Mzg2MDUyNDc1ZTk0MjBhNTkuMzI0MjUxMTgiLCJwbGF0Zm9ybSI6IndlYiIsIm9yaWdpbmFsUHJpY2UiOjAsIm9yaWdpbmFsQ3VycmVuY3kiOiJJRFIiLCJjb252ZXJ0ZWRDdXJyZW5jeSI6IklEUiIsImNvbnZlcnRlZFByaWNlIjowLCJzZXNzaW9uSWQiOiJibVptWm1ZME0zY3RiVE0xT1MxdWRIbDRMV2xuZG0wdGFtTnNhWFJyWjJocmVtOTFYekUyTmpRM056TTROakU9Iiwic2FsZXNTZXNJZCI6IiIsInNhbGVzU2VzVGltZSI6InVuZGVmaW5lZC0xNjY0NzczODYxIiwib3JkZXJJZCI6IiIsInBhaWRQcm9kdWN0cyI6IltdIiwiY2FtcElkIjoiYzc2IiwidHlwZSI6ImltcHJlc3Npb24iLCJvdGhlciI6IiIsImN1c3RvbVN1YklkIjoiTi9BIiwicHJvZHVjdFR5cGUiOiJjdXN0b20ifQ%3D%3D&t=cu&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75432cb4bf046928-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 314ms
13ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1405588215&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&ul=en-us&de=UTF-8&dt=SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Pricing%20Psychology-impressions-custom&el=(builder%20ID%3A%20506)%20-%20Variation%20Ratio%3A%20100%25&_utma=46826104.1612840651.1664773860.1664773860.1664773860.1&_utmz=46826104.1664773860.1.1.utmcsr%3Demail%7Cutmccn%3DHUT_Mandiri24%7Cutmcmd%3Demail%7Cutmcct%3Den_01oct&_utmht=1664773860556&_u=aGDCCEABBAAAAC~&jid=&gjid=&cid=1612840651.1664773860&tid=UA-41803108-14&_gid=1340679680.1664773860&gtm=2wg9s05HZKLL&z=333846911

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 18:52:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37111
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 7B03 52 KB
24 KB 364ms
31ms Stylesheet
text/css 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 7B03 392 KB
157 KB 417ms
84ms Script
text/javascript 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 308ms
7ms Image
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=248325143618417&ev=Microdata&dl=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D&rl=&if=false&ts=1664773860567&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SPECIAL%2024TH%20BANK%20MANDIRI%20ANNIVERSARY%20-%20Garuda%20Indonesia%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664773860005.232034213&it=1664773859959&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 05:11:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 7746 52 KB
24 KB 391ms
70ms Stylesheet
text/css 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 7746 392 KB
157 KB 438ms
117ms Script
text/javascript 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 200 opt-in-dialog.css
assets.api.useinsider.com/css/ 3 KB
1 KB 31ms
18ms Stylesheet
text/css 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.api.useinsider.com/css/opt-in-dialog.css

Requested by

Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51169
cf-polished: origSize=4371
x-xss-protection: 1
pragma: public
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 14:46:34 GMT
server: cloudflare
etag: W/"6335afca-1113"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 75432cb4bf0c6928-FRA
expires: Thu, 06 Oct 2022 05:11:00 GMT

GET
H2 200 native-push-sdk.js Show response
eitri.api.useinsider.com/static/ 18 KB
6 KB 38ms
23ms Script
application/javascript 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59864b38f0bf2e4ee8fd08023312fbcf79c915590d177ed935ec06f30970898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
x-amz-version-id: Ys3EoxRy8ZlSFFYDaXVSGodD7zy9J_4L
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 09:05:46 GMT
server: cloudflare
x-amz-request-id: CD9FEBDTHW9G7JAN
age: 200
etag: W/"a54bea94924cc6ef7c818a7132dbc087"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 75432cb4df266928-FRA
x-amz-id-2: mHoufNByIkYEfHRMtK8NYTnngIsIk3cXqe3KHVHjIwl4P+ogAiHu19z2haRyxpBF3LbbKhazJ/o=
expires: Mon, 03 Oct 2022 05:16:00 GMT

GET
H2 200 dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offer... Show response
adservice.google.de/ddm/fls/i/ Frame F021 194 B
870 B 388ms
53ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIHqvfSlw_oCFYyEUQod2HwEHw;src=8543057;type=garuda;cat=garud0;ord=8021004779480;gtm=2wg9s0;auiddc=2115931848.1664773860;~oref=https%3A%2F%2Fwww.garuda-indonesia.com%2Fid%2Fen%2Fspecial-offers%2Fsales-promotion%2FHUT-MANDIRI24%3FinsNltCmpId%3D17624%26insNltSldt%3D10080%26isInsNltCmp%3D1%26utm_campaign%3Dhut_mandiri24%26utm_campaign%3DHUT_Mandiri24%26utm_content%3Den_1oct%26utm_content%3Den_01oct%26utm_medium%3Demail%26utm_medium%3Demail%26utm_source%3Demail%26utm_source%3Demail%26utm_status%3Dtrue%26utm_term%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:00 GMT
expires: Mon, 03 Oct 2022 05:11:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 47ms
47ms Image
image/gif 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vSFVULU1BTkRJUkkyND9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPWh1dF9tYW5kaXJpMjQmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMW9jdCZ1dG1fY29udGVudD1lbl8wMW9jdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJyZWZlcmVyIjoiaHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb20vaWQvZW4vc3BlY2lhbC1vZmZlcnMvc2FsZXMtcHJvbW90aW9uL0hVVC1NQU5ESVJJMjQ%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1odXRfbWFuZGlyaTI0JnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzFvY3QmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwidXNlcklkIjoiMTY2NDc3Mzg2MDUyNDc1ZTk0MjBhNTkuMzI0MjUxMTgiLCJwbGF0Zm9ybSI6IndlYiIsInQiOiJzdG9yZUxvZyIsInR5cGUiOiJ3ZWJQdXNoIiwibG9nVHlwZSI6Im5hdGl2ZS1wZXJtaXNzaW9uLWltcHJlc3Npb24iLCJicm93c2VyIjoiQ2hyb21lIiwiaXNNb2JpbGUiOmZhbHNlLCJ1c2VySUQiOiIxNjY0NzczODYwNTI0NzVlOTQyMGE1OS4zMjQyNTExOCIsImxhbmd1YWdlIjoiZW5fVVMifQ%3D%3D&t=w&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75432cb4ff726928-FRA
content-length: 42
content-type: image/gif

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
94 B 40ms
40ms Image
image/gif 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5nYXJ1ZGEtaW5kb25lc2lhLmNvbS9pZC9lbi9zcGVjaWFsLW9mZmVycy9zYWxlcy1wcm9tb3Rpb24vSFVULU1BTkRJUkkyND9pbnNObHRDbXBJZD0xNzYyNCZpbnNObHRTbGR0PTEwMDgwJmlzSW5zTmx0Q21wPTEmdXRtX2NhbXBhaWduPWh1dF9tYW5kaXJpMjQmdXRtX2NhbXBhaWduPUhVVF9NYW5kaXJpMjQmdXRtX2NvbnRlbnQ9ZW5fMW9jdCZ1dG1fY29udGVudD1lbl8wMW9jdCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc291cmNlPWVtYWlsJnV0bV9zdGF0dXM9dHJ1ZSZ1dG1fdGVybT0iLCJyZWZlcmVyIjoiaHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb20vaWQvZW4vc3BlY2lhbC1vZmZlcnMvc2FsZXMtcHJvbW90aW9uL0hVVC1NQU5ESVJJMjQ%2FaW5zTmx0Q21wSWQ9MTc2MjQmaW5zTmx0U2xkdD0xMDA4MCZpc0luc05sdENtcD0xJnV0bV9jYW1wYWlnbj1odXRfbWFuZGlyaTI0JnV0bV9jYW1wYWlnbj1IVVRfTWFuZGlyaTI0JnV0bV9jb250ZW50PWVuXzFvY3QmdXRtX2NvbnRlbnQ9ZW5fMDFvY3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9ZW1haWwmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fc3RhdHVzPXRydWUmdXRtX3Rlcm09IiwidXNlcklkIjoiMTY2NDc3Mzg2MDUyNDc1ZTk0MjBhNTkuMzI0MjUxMTgiLCJwbGF0Zm9ybSI6IndlYiIsInQiOiJzdG9yZUxvZyIsInR5cGUiOiJ3ZWJQdXNoIiwibG9nVHlwZSI6InB1c2gtcmVxdWVzdCIsImJyb3dzZXIiOiJDaHJvbWUiLCJpc01vYmlsZSI6ZmFsc2UsInVzZXJJRCI6IjE2NjQ3NzM4NjA1MjQ3NWU5NDIwYTU5LjMyNDI1MTE4IiwibGFuZ3VhZ2UiOiJlbl9VUyJ9&t=w&pn=garuda
Requested by: Host: www.garuda-indonesia.com
URL: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75432cb50f766928-FRA
content-length: 42
content-type: image/gif

GET
H2 200 ridewayslogo.png
secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/images/ Frame A926 6 KB
6 KB 36ms
35ms Image
image/png 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/images/ridewayslogo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93d5053e926990cbeba965eb79fe564c33ed43769e5c33c26add9b618eeb906b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 159
cf-polished: origSize=9482, status=vary_header_present
x-envoy-upstream-service-time: 41
content-length: 5849
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:10:55 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "250a-5d782490f19c0"
vary: User-Agent, Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75432cb54c516937-FRA
expires: Mon, 03 Oct 2022 09:11:00 GMT

GET
H/1.1 200
OK TravelDocWidget.min.css
widget.api.traveldoc.aero/Content/ 14 KB
2 KB 31ms
30ms Stylesheet
text/css 191.237.222.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.api.traveldoc.aero/Content/TravelDocWidget.min.css
Requested by: Host: widget.api.traveldoc.aero
URL: https://widget.api.traveldoc.aero/JS/Script.js?Color=Default&Orientation=Standard&ClientContainer=submenu-traveldoc-floating&Language=en&_=1664773859247
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 191.237.222.171 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8bbc902018814d2eaa65dc57358081877376c1eaf2a3afcc4dc2724f06d08c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 05:10:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2020 13:27:47 GMT
Server: Microsoft-IIS/8.5
ETag: "80cbdfac1a85d61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2137

GET
H/1.1 200
OK GetLocations Show response
widget.api.traveldoc.aero/WidgetService.svc/JSON/ 53 KB
54 KB 171ms
88ms XHR
application/json 191.237.222.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.api.traveldoc.aero/WidgetService.svc/JSON/GetLocations?Language=en
Requested by: Host: widget.api.traveldoc.aero
URL: https://widget.api.traveldoc.aero/JS/Script.js?Color=Default&Orientation=Standard&ClientContainer=submenu-traveldoc-floating&Language=en&_=1664773859247
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 191.237.222.171 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 12d685c442d197aaea68d08837aa903efb9a93f8af81fc78adc663707458fcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 05:10:59 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 54687

GET
H2 200 U7MAWJlE6hZ.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 928B 522 B
767 B 7ms
7ms Image
image/png 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/U7MAWJlE6hZ.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15a811a37482e8%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
x-content-type-options: nosniff
content-md5: 3AqCXDpjCzTAeVl9384gMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 522
x-fb-rlafr: 0
x-fb-debug: ZCz+UEEctA+SidA4oC7z5TJWLYeaM6SRrIS8ejujhA5hbZ/9Ujt4ElY39HAoAaCFo1372K8a+2t10aeIBMTILQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 01 Oct 2023 03:41:36 GMT

GET
H2 200 IxmmwNrzymy.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/ Frame 928B 540 KB
143 KB 8ms
8ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/IxmmwNrzymy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

9f581c10eadbb1b0b2a2ced0bc3489a98867230027e97a066b88e43f6cedd6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A3PBT2OYWTUSelPdbaL+wg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 145684
x-fb-rlafr: 0
x-fb-debug: VubMpTiV2cSK6hBQwc1X2XWbpGmOaMMf0T+RBUUu/b6EAIULbhrlQbAnrMbDg1oxrq6+d0lrkS1VPCz64ME/MA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Sep 2023 19:15:56 GMT

GET
H2 200 U7MAWJlE6hZ.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 4DA6 522 B
689 B 308ms
7ms Image
image/png 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/U7MAWJlE6hZ.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa62c6bb4a44%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
x-content-type-options: nosniff
content-md5: 3AqCXDpjCzTAeVl9384gMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 522
x-fb-rlafr: 0
x-fb-debug: ZCz+UEEctA+SidA4oC7z5TJWLYeaM6SRrIS8ejujhA5hbZ/9Ujt4ElY39HAoAaCFo1372K8a+2t10aeIBMTILQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 01 Oct 2023 03:41:36 GMT

GET
H2 200 IxmmwNrzymy.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/ Frame 4DA6 540 KB
142 KB 308ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/IxmmwNrzymy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa62c6bb4a44%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=0&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

9f581c10eadbb1b0b2a2ced0bc3489a98867230027e97a066b88e43f6cedd6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A3PBT2OYWTUSelPdbaL+wg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 145684
x-fb-rlafr: 0
x-fb-debug: VubMpTiV2cSK6hBQwc1X2XWbpGmOaMMf0T+RBUUu/b6EAIULbhrlQbAnrMbDg1oxrq6+d0lrkS1VPCz64ME/MA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Sep 2023 19:15:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
131 B 319ms
19ms XHR
text/plain 142.250.27.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-41803108-14&cid=1612840651.1664773860&jid=1778789872&gjid=619938106&_gid=1340679680.1664773860&_u=YGBACEAABAAAAC~&z=1192620307

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.27.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.garuda-indonesia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Oct 2022 05:11:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.garuda-indonesia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A926 49 KB
19 KB 313ms
12ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 542
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 07:01:59 GMT

GET
H2 200 adrum-4.4.3.717.js Show response
cdn.appdynamics.com/adrum/ Frame A926 63 KB
23 KB 39ms
8ms Script
application/javascript 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.4.3.717.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: f652a403a343af5f7d5f4999168960f55aed86bbdff472ef4da0fa8fbd81ef5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 17:25:06 GMT
content-encoding: gzip
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1079154
x-cache: Hit from cloudfront
last-modified: Mon, 23 Apr 2018 23:58:01 GMT
server: nginx/1.16.1
etag: W/"5ade7309-fbb8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vdzEB2H0CeBLJ8AzSJfVdR1XHE9oaphFv6fw5zw8Dp_L3cM45uS66g==

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
375 B 54ms
46ms XHR
text/plain 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.garuda-indonesia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: e1ee5715-41b6-4081-a445-7de0caad2619
cf-ray: 75432cb70d549975-FRA
content-length: 16

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
299 B 52ms
50ms XHR
text/plain 162.159.133.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: garuda.api.useinsider.com
URL: https://garuda.api.useinsider.com/ins.js?id=10001306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.garuda-indonesia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 063f0dac-36a7-4aff-a15b-161d0e16a5c8
cf-ray: 75432cb72d8f9975-FRA
content-length: 16

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1F39 49 KB
19 KB 313ms
12ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 542
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 07:01:59 GMT

GET
H2 200 adrum-4.4.3.717.js Show response
cdn.appdynamics.com/adrum/ Frame 1F39 63 KB
23 KB 9ms
8ms Script
application/javascript 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.4.3.717.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND9GV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: f652a403a343af5f7d5f4999168960f55aed86bbdff472ef4da0fa8fbd81ef5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 17:25:06 GMT
content-encoding: gzip
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1079155
x-cache: Hit from cloudfront
last-modified: Mon, 23 Apr 2018 23:58:01 GMT
server: nginx/1.16.1
etag: W/"5ade7309-fbb8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PhBSbyNhmLo7h2o_6bSA4jij6ip8kCAbPoZQeFrKtyEP0xuUR92icA==

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 4F76 49 B
666 B 341ms
40ms XHR
application/json 142.250.186.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.garuda-indonesia.com&client_id=1045604805004-es0gvhgl4vq0vj7iqha4lh9149pp7tca.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.eJOmNFtKVN8.es5.O/d=1/rs=AOaEmlEFcwHlVJ4B0u3e71WJCcV_vzbOGA/m=base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.173 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f13.1e100.net

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-uFkNLXzC1ofCCez_Ty8L0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-uFkNLXzC1ofCCez_Ty8L0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 03 Oct 2022 05:11:01 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 327ms
25ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-41803108-14&cid=1612840651.1664773860&jid=1778789872&_u=YGBACEAABAAAAC~&z=1315206490

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 326ms
25ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-41803108-14&cid=1612840651.1664773860&jid=1778789872&_u=YGBACEAABAAAAC~&z=1315206490

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.garuda-indonesia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 login_button.php Show response
www.facebook.com/v6.0/plugins/ Frame 2AA2 31 KB
12 KB 369ms
68ms Document
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3686b103f308e8%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=45&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4ff171b788730b72738d95487daf070a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

55a39891ab0b65e82e10f5bf3ff2263c6fae3d4ea6a9019d5ba650200c314c21

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 03 Oct 2022 05:11:01 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: /bn0+ni2T8gFHU4lLe5hwjhRVwXThBu/b5ZzOqWWnMwGezkQunLdu1WQ2v304gseR1YeuOqN1EE7Iv8WUiDvlA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 ridewayslogo.png
secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/images/ Frame 1F39 6 KB
6 KB 24ms
24ms Image
image/png 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.rentalcars.com/partners/integrations/stand-alone-app/import/template/garuda/images/ridewayslogo.png

Requested by

Host: secure.rentalcars.com
URL: https://secure.rentalcars.com/partners/integrations/stand-alone-app/js/app.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.105.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93d5053e926990cbeba965eb79fe564c33ed43769e5c33c26add9b618eeb906b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 160
cf-polished: origSize=9482, status=vary_header_present
x-envoy-upstream-service-time: 41
content-length: 5849
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 14:10:55 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "250a-5d782490f19c0"
vary: User-Agent, Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75432cb818db6937-FRA
expires: Mon, 03 Oct 2022 09:11:01 GMT

GET
DATA 200
OK truncated
/ Frame 7746 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7746 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7746 2 KB
2 KB 330ms
29ms Image
image/png 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:16:38 GMT
x-content-type-options: nosniff
age: 330863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 06 Oct 2022 09:16:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7746 15 KB
16 KB 352ms
13ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recaptcha.net/
Origin: https://recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 496376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 11:18:05 GMT

GET
H2 200 webworker.js
recaptcha.net/recaptcha/api2/ Frame 7B03 102 B
204 B 355ms
52ms Other
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=yuf9x5djibn9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 05:11:01 GMT

GET
H2 200 webworker.js
recaptcha.net/recaptcha/api2/ Frame CB3A 102 B
178 B 352ms
51ms Other
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=iseuola50lk4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 05:11:01 GMT

GET
H2 200 webworker.js
recaptcha.net/recaptcha/api2/ Frame 7746 102 B
178 B 352ms
52ms Other
text/javascript 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo&co=aHR0cHM6Ly93d3cuZ2FydWRhLWluZG9uZXNpYS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=dx74bhm5h7h3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 Oct 2022 05:11:01 GMT

GET
H2 200 bframe Show response
recaptcha.net/recaptcha/api2/ Frame 4995 7 KB
1 KB 397ms
52ms Document
text/html 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

03c6c61ac64bb1fb9dd52d532e904eddf873614c4dde55d2cd1deb2fb4095012

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZSHzd9Htalw6SZ4FtjJupQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-ZSHzd9Htalw6SZ4FtjJupQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bframe Show response
recaptcha.net/recaptcha/api2/ Frame F76E 7 KB
1 KB 392ms
57ms Document
text/html 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

ab0980461625262b1097e46e34474aa69fbd71e846145580d12e3ec19c48d0af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PAvvfAc-0f51EfHiDjGy8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-PAvvfAc-0f51EfHiDjGy8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bframe Show response
recaptcha.net/recaptcha/api2/ Frame 0A6F 7 KB
1 KB 385ms
54ms Document
text/html 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

GSE /

Resource Hash

f48df595413a7dfdba521415b4a55524e370e9837f1f891adf0f559467512530

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YR8AdClLXKzVld-PoNC1DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.garuda-indonesia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-YR8AdClLXKzVld-PoNC1DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:11:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui-pg-marketing.custom.css
upgrade-cdn-prd.plusgrade.com/offer/css/ Frame 3EDD 23 KB
23 KB 9ms
9ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/css/jquery-ui-pg-marketing.custom.css
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8e9ec1d5df91e6faf2cedb2ccb4f804a23e498634741cb7dc83281b9ccd5b67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:51:47 GMT
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 06:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1155
etag: "1dd981e79092c955ba8865e377f3087f"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 23530
x-amz-cf-id: K4zfc9SOhXec0WdVUiacN1lK1uj2pKi-e8dvtWqq3CGx6nhT7GojtQ==

GET
H2 200 marketing.css
upgrade-cdn-prd.plusgrade.com/offer/css/ Frame 3EDD 2 KB
2 KB 9ms
9ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/css/marketing.css
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9eb7feb44b258b98248cef01f3d74c49f2e18c30c246e2b35cbe71a2ef371694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:51:47 GMT
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 06:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1155
etag: "7fe4dc0351d2090259cad34ad4e2875b"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1660
x-amz-cf-id: Lbq1DnYjtpb5t575x7Dg6Si1gNso3OJgxkYt9I8tp6ka7GVRfJOUqQ==

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 3EDD 100 B
1 KB 106ms
106ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery1620055920244369812355_1664773861316&code=marketing.pnr.lookup.check.eligibility&application=consumer-app&lang=en&_=1664773861422
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: c239ba621aa8eae5c2e9d50ad8180694bd0d87540bc6039633a3703b312aee4f

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 7
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 3EDD 119 B
1 KB 107ms
107ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery1620055920244369812355_1664773861317&code=marketing.pnr.lookup.validation&application=consumer-app&lang=en&_=1664773861422
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 8c249466c005d1dc557f00b11fab0c35d08ed910880f0321efcbbf11008b03a9

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 7
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 3EDD 69 B
1 KB 106ms
106ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery1620055920244369812355_1664773861318&code=marketing.pnr.lookup.validation.required&application=consumer-app&lang=en&_=1664773861422
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e6d25643ae64eb473f7ee88c71ee606dbdb21973060876862aaff540054f94cd

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 7
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 3EDD 68 B
1 KB 105ms
105ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery1620055920244369812355_1664773861319&code=marketing.pnr.lookup.validation.invalid&application=consumer-app&lang=en&_=1664773861423
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 7ab583db80d5527a24744b5b027d3865a701808d7ecbf7c7957d92874b138b15

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 6
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 3EDD 119 B
1 KB 108ms
107ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery1620055920244369812355_1664773861320&code=marketing.pnr.lookup.eligible.error&application=consumer-app&lang=en&_=1664773861423
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 99580687ae1c4ca538b7a79c9d5ce10e52a44057aa177c66cc114d271d1e5c42

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 5
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js Show response
cdn.appdynamics.com/ Frame A926 49 KB
19 KB 9ms
8ms Script
application/javascript 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.4.3.717.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 62001c694bb883aaa50d69cec8f9682c6b0b00c1ad707963de6225f990bc5cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 05:57:18 GMT
content-encoding: gzip
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1120423
x-cache: Hit from cloudfront
last-modified: Mon, 23 Apr 2018 23:56:54 GMT
server: nginx/1.16.1
etag: W/"5ade72c6-c5db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zkj5M449Yv8c9p_BMfCME3e2ykv5kVCx0DfAyzsRY0J9QClBvWnWBw==

GET
H2 200 adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js Show response
cdn.appdynamics.com/ Frame 1F39 49 KB
19 KB 9ms
8ms Script
application/javascript 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.4.3.717.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 62001c694bb883aaa50d69cec8f9682c6b0b00c1ad707963de6225f990bc5cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 05:57:18 GMT
content-encoding: gzip
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1120423
x-cache: Hit from cloudfront
last-modified: Mon, 23 Apr 2018 23:56:54 GMT
server: nginx/1.16.1
etag: W/"5ade72c6-c5db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 00ndL8-F1U-Le-c0d7wUYZ-qpChP0a_xlel7anRp0T00ZDdSAPd_WQ==

GET
H2 200 adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html Show response
cdn.appdynamics.com/ Frame B374 2 KB
2 KB 8ms
8ms Document
text/html 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 3cc12075cc87131f3818b8a13899d9bb22676277d7b79de7fdda2165fd8b08d0

Request headers

Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
age: 2343938
cache-control: public, max-age=2678400, s-max-age=14400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 02:05:23 GMT
etag: W/"5adf6e6a-7e2"
last-modified: Tue, 24 Apr 2018 17:50:34 GMT
server: nginx/1.16.1
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-id: EEyJHX52UDIstX8vaolv60mQmtLs401ldilwUphe_3_h9S9Xo-XXKQ==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront

GET
H2 200 U7MAWJlE6hZ.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 2AA2 522 B
666 B 308ms
7ms Image
image/png 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/U7MAWJlE6hZ.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3686b103f308e8%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=45&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
x-content-type-options: nosniff
content-md5: 3AqCXDpjCzTAeVl9384gMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 522
x-fb-rlafr: 0
x-fb-debug: ZCz+UEEctA+SidA4oC7z5TJWLYeaM6SRrIS8ejujhA5hbZ/9Ujt4ElY39HAoAaCFo1372K8a+2t10aeIBMTILQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 01 Oct 2023 03:41:36 GMT

GET
H2 200 IxmmwNrzymy.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/ Frame 2AA2 540 KB
142 KB 308ms
8ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yY/l/en_US/IxmmwNrzymy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/login_button.php?app_id=2077467505731265&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3686b103f308e8%26domain%3Dwww.garuda-indonesia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.garuda-indonesia.com%252Ff431c81312acb%26relation%3Dparent.parent&container_width=45&layout=default&locale=en_US&login_text=&sdk=joey&size=large&use_continue_as=false&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

9f581c10eadbb1b0b2a2ced0bc3489a98867230027e97a066b88e43f6cedd6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 05:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A3PBT2OYWTUSelPdbaL+wg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 145684
x-fb-rlafr: 0
x-fb-debug: VubMpTiV2cSK6hBQwc1X2XWbpGmOaMMf0T+RBUUu/b6EAIULbhrlQbAnrMbDg1oxrq6+d0lrkS1VPCz64ME/MA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Sep 2023 19:15:56 GMT

GET
H2 200 adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html Show response
cdn.appdynamics.com/ Frame FC18 2 KB
2 KB 8ms
7ms Document
text/html 143.204.89.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-xd.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.html
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-24.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 3cc12075cc87131f3818b8a13899d9bb22676277d7b79de7fdda2165fd8b08d0

Request headers

Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
age: 2343938
cache-control: public, max-age=2678400, s-max-age=14400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 02:05:23 GMT
etag: W/"5adf6e6a-7e2"
last-modified: Tue, 24 Apr 2018 17:50:34 GMT
server: nginx/1.16.1
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-id: V-dnygS9iB1uURGe9Ag7PqOwU4r9RfruYpivyFC787MfkFIjaDxv5A==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 4995 52 KB
24 KB 329ms
29ms Stylesheet
text/css 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 4995 392 KB
157 KB 331ms
30ms Script
text/javascript 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 0A6F 52 KB
24 KB 332ms
30ms Stylesheet
text/css 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 0A6F 392 KB
157 KB 334ms
33ms Script
text/javascript 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

GET
H2 200 jquery-ui-pg-marketing.custom.css
upgrade-cdn-prd.plusgrade.com/offer/css/ Frame 164E 23 KB
23 KB 8ms
7ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/css/jquery-ui-pg-marketing.custom.css
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8e9ec1d5df91e6faf2cedb2ccb4f804a23e498634741cb7dc83281b9ccd5b67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:51:47 GMT
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 06:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1155
etag: "1dd981e79092c955ba8865e377f3087f"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 23530
x-amz-cf-id: mAyPEc4Zsd8GmD3P3adSsdc4oF0NmjHNh95eRUZDCxNU_zUzud1VUw==

GET
H2 200 marketing.css
upgrade-cdn-prd.plusgrade.com/offer/css/ Frame 164E 2 KB
2 KB 8ms
8ms Stylesheet
text/css 108.138.7.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade-cdn-prd.plusgrade.com/offer/css/marketing.css
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9eb7feb44b258b98248cef01f3d74c49f2e18c30c246e2b35cbe71a2ef371694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upgrade.plusgrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:51:47 GMT
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 06:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1155
etag: "7fe4dc0351d2090259cad34ad4e2875b"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1660
x-amz-cf-id: A4hA9VZrgShoMBJhV1BPBfzscuRu6_DnZ61X8YYVKz2z-zDHbpR0eg==

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 164E 98 B
1 KB 108ms
108ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16206841341490786634_1664773861787&code=marketing.pnr.lookup.check.eligibility&application=consumer-app&lang=en&_=1664773861809
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: c259e924ded07d5150c272ddb0b9a9479be94cededb99d0a66a06e66a97d7d82

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 5
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 164E 117 B
1 KB 111ms
110ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16206841341490786634_1664773861788&code=marketing.pnr.lookup.validation&application=consumer-app&lang=en&_=1664773861809
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 3f8b895e017b5e9da26364b8eb3e24a62e10b2e64a90f325e4d3e7a3008e84b5

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 5
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 164E 67 B
1 KB 108ms
108ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16206841341490786634_1664773861789&code=marketing.pnr.lookup.validation.required&application=consumer-app&lang=en&_=1664773861809
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 6fd0701ee2c7f8cf227eaa4c0c574b2c87a0132327529867e066618a4f875711

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 6
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 164E 66 B
1 KB 114ms
112ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16206841341490786634_1664773861790&code=marketing.pnr.lookup.validation.invalid&application=consumer-app&lang=en&_=1664773861810
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: c139e2bc8f5ca64e67b3c32f912f6a43df194b927eb0dc0c02e5280bbf7e07d9

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 7
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 textKey Show response
upgrade.plusgrade.com/offer/8jaF61GA/ Frame 164E 117 B
1 KB 113ms
111ms XHR
application/javascript 34.200.208.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upgrade.plusgrade.com/offer/8jaF61GA/textKey?pg_callback=jQuery16206841341490786634_1664773861791&code=marketing.pnr.lookup.eligible.error&application=consumer-app&lang=en&_=1664773861810
Requested by: Host: upgrade-cdn-prd.plusgrade.com
URL: https://upgrade-cdn-prd.plusgrade.com/offer/8jaF61GA/eligibility/lookup.js?pg_jquery=true&pg_jqueryUI=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.208.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-208-201.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: d5087729194486124af69f90e90ef1f9ae22ccd3483adf634d29de66cae104f2

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://upgrade.plusgrade.com/offer/Garuda?apiKey=W1O6NZmpxaMw8p7z4r66xXZ5
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

x-kong-upstream-latency: 6
date: Mon, 03 Oct 2022 05:11:01 GMT
via: kong/0.12.3
server: Apache-Coyote/1.1
x-robots-tag: noindex
x-kong-proxy-latency: 0
content-type: application/javascript;charset=UTF-8

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame F76E 52 KB
24 KB 330ms
29ms Stylesheet
text/css 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 20:08:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame F76E 392 KB
157 KB 332ms
30ms Script
text/javascript 172.217.20.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LeNKOAUAAAAAHcSvH4YL62jk29Si9RkuGKPKPzo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f3.1e100.net

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:17:11 GMT

POST
H2 200 rum Show response
www.garuda-indonesia.com/cdn-cgi/ 0
205 B 22ms
21ms XHR
text/plain 104.18.10.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.garuda-indonesia.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.192 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.garuda-indonesia.com/id/en/special-offers/sales-promotion/HUT-MANDIRI24?insNltCmpId=17624&insNltSldt=10080&isInsNltCmp=1&utm_campaign=hut_mandiri24&utm_campaign=HUT_Mandiri24&utm_content=en_1oct&utm_content=en_01oct&utm_medium=email&utm_medium=email&utm_source=email&utm_source=email&utm_status=true&utm_term=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 Oct 2022 05:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.garuda-indonesia.com
content-type: text/plain
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 75432cbefa78912e-FRA

POST
H2 200 adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAK-BUH/ Frame A926 0
722 B 549ms
172ms XHR
text/html 52.26.189.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAK-BUH/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.189.79 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-189-79.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:02 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

POST
H2 200 adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAK-BUH/ Frame 1F39 0
721 B 526ms
172ms XHR
text/html 52.26.189.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAK-BUH/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.99c2fcc5ccc30ea4d38a1a74eeb7a6a6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.189.79 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-189-79.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.rentalcars.com/partners/integrations/stand-alone-app/?preflang=en&integration=stand-alone&css=true&adplat=hpsearchbox&affiliateCode=garuda&affUrl=garuda.rentalcars.com&template=garuda&messages=garuda&return-checkbox-enabled=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 05:11:02 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

Verdicts & Comments Add Verdict or Comment

339 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.garuda-indonesia.com/	1970-01-20 06:26:15	Name: __cf_bm Value: HUI2weLcrudcPxCO7yIFCEZ.02iCeT_JE9rN6n8JGi4-1664773859-0-AajOtMaWJ++nBZvyDWukkBqKqlix3LawqjpOJ+KwCBt2ngyuLQtSbHwM65ZURJxl7sYjZEb956xqHkNfwUg5jmE=
.garuda-indonesia.com/	1970-01-20 15:11:49	Name: galocid Value: id
.garuda-indonesia.com/	1970-01-20 15:11:49	Name: galangid Value: en
.garuda-indonesia.com/	1970-01-20 08:35:49	Name: _gcl_au Value: 1.1.2115931848.1664773860
.www.garuda-indonesia.com/	1970-01-20 16:02:13	Name: G_ENABLED_IDPS Value: google
.garuda-indonesia.com/	1970-01-20 08:35:49	Name: _fbp Value: fb.1.1664773860005.232034213
track.omguk.com/	1970-01-20 07:52:41	Name: OMG-Channel-1447134 Value: Channel%3Demailemail
track.omguk.com/	1970-01-20 07:52:41	Name: OMGID Value: UUserID%3D%7B7f249688-9795-4d03-babd-bd5dbcd5256d%7D
track.omguk.com/	1970-01-20 06:26:15	Name: OMGSession Value: SessionID%3De02c7ce7c3fc434596f1d27b2377a3d7%26SessionCount%3D0
.garuda-indonesia.com/	1970-01-20 06:27:40	Name: datautmz Value: undefined
.doubleclick.net/	1970-01-20 15:47:49	Name: IDE Value: AHWqTUlbQd9A9NiY4TrbqY61ggCmVcm85uvTloVyzANq1Ps_9BBWLyvxopHVn4Ha
.useinsider.com/	1970-01-20 06:26:15	Name: __cf_bm Value: KC0j1tmZI0t.3QQ_FN8IiB_LI3lQ.hAgZG5UTrNHn2Y-1664773860-0-AVI8g6+M18gIMFj3VIWdmC1PT+GtU2c7HDpuaj5M1eChe4ofUF10b3KWRkhYbfF6AcyKAJpr+ZCaMOguaDFhnVY=
.garuda-indonesia.com/	1970-01-20 16:02:13	Name: _ga Value: GA1.2.1612840651.1664773860
.garuda-indonesia.com/	1970-01-20 06:27:40	Name: _gid Value: GA1.2.1340679680.1664773860
.garuda-indonesia.com/	1970-01-20 06:26:13	Name: _gat_UA-41803108-14 Value: 1
.garuda-indonesia.com/	1970-01-20 16:02:13	Name: __utma Value: 46826104.1612840651.1664773860.1664773860.1664773860.1
.garuda-indonesia.com/	1969-12-31 23:59:59	Name: __utmc Value: 46826104
.garuda-indonesia.com/	1970-01-20 10:49:01	Name: __utmz Value: 46826104.1664773860.1.1.utmcsr=email\|utmccn=HUT_Mandiri24\|utmcmd=email\|utmcct=en_01oct
.garuda-indonesia.com/	1970-01-20 06:26:14	Name: __utmt Value: 1
.garuda-indonesia.com/	1970-01-20 06:26:15	Name: __utmb Value: 46826104.1.10.1664773860
.mookie1.com/	1970-01-20 15:55:01	Name: id Value: 10525545649982875349
.mookie1.com/	1970-01-20 15:55:01	Name: mdata Value: 1\|10525545649982875349\|1664773860332
.mookie1.com/	1970-01-20 15:55:01	Name: ov Value: 2c5ab1233a072140ee3e600f95f33d4e
.garuda-indonesia.com/	1970-01-20 06:27:40	Name: cartVisited Value: false
www.garuda-indonesia.com/	1969-12-31 23:59:59	Name: ssn Value: AFA6EE21FD03D376905E531D98112F41880772A3375048C9E27F817EB26D09A6123558D5E0E251F5
.google.com/	1970-01-20 10:49:45	Name: NID Value: 511=GqhLmCWr3RLilBz0XPGj1pOgnufBuFc0bfRhuOu7ySu35j-zCdXeM50eHAQHSYL3kWrkCClaGEZ2o4TyJy6O6-xmYn6jGpiyL3QanSjKhBzwEYNr7IXBTi77FeiESFNHz2lkS_jtMq_T_SnJldeFHSwdfEPNtzYsq6Y9mxCIf1Q
upgrade.plusgrade.com/	1970-01-20 06:36:18	Name: AWSALBCORS Value: lYC8diVSrqIu2FvBVIRK4LRLsZtVP6tBs4yjCRQrPItkUdE2ePVx2W2hQrAKFRhKYyMon/G59bZ2KEBN7h40bV5EsFDOJOAJb/HGqHZDo2ACuXDX8aZzmTPy3A1R

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-SemiBold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.garuda-indonesia.com/etc/designs/garuda/clientlib-site/fonts/Poppins-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 26) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8543057.fls.doubleclick.net
accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
assets.api.useinsider.com
cdn.appdynamics.com
col.eum-appdynamics.com
connect.facebook.net
d1adj61x0fgvmc.cloudfront.net
eitri.api.useinsider.com
fonts.googleapis.com
fonts.gstatic.com
garuda.api.useinsider.com
googleads.g.doubleclick.net
hit.api.useinsider.com
id-gmtdmp.mookie1.com
location.api.useinsider.com
log.api.useinsider.com
recaptcha.net
secure.rentalcars.com
segment.api.useinsider.com
static.cloudflareinsights.com
static.xx.fbcdn.net
stats.g.doubleclick.net
track.omguk.com
u14189904.ct.sendgrid.net
upgrade-cdn-prd.plusgrade.com
upgrade.plusgrade.com
widget.api.traveldoc.aero
www.facebook.com
www.garuda-indonesia.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.16.105.108
104.18.10.192
108.128.135.179
108.138.7.22
13.32.121.58
142.250.179.202
142.250.180.226
142.250.184.230
142.250.185.142
142.250.185.227
142.250.186.131
142.250.186.173
142.250.186.66
142.250.201.195
142.250.27.154
142.250.74.196
142.251.39.2
143.204.89.24
157.240.20.35
162.159.133.61
162.159.134.61
167.89.123.122
172.217.16.206
172.217.20.3
172.64.156.26
185.60.216.19
191.237.222.171
216.58.212.136
34.200.208.201
35.227.202.26
52.26.189.79
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
02af61d00baa1b2768cd4af22b20a1125092ad8cf300f5eb3f22d1171e2f5592
03c6c61ac64bb1fb9dd52d532e904eddf873614c4dde55d2cd1deb2fb4095012
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b3c698921474308b46d25f4ae5597d05e81bdd853353785690c6e9823aebf71
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
10ce47be2fd189fa573e0be0a36f686aca67101b9fd56f0b557772525fabfbf2
12d685c442d197aaea68d08837aa903efb9a93f8af81fc78adc663707458fcfb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
285de02294e9c3316c932b5e0bd7db5440ecf91d9067018db2647843d6f9bca1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ca56b2d38c8d7cecc5b20d0ddb9c4d69e05488da0206fcc59f54710d5f8d6bd
3152618b9e2928faf063b4c95beb16abe4ba7bd2217f692b385cb2b1b2c77427
372be624def8cdd41f99d650197254de75fb30411ab34226d6deb7581165f2ee
380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44
3909a4a17a47921ad787a844e05f0c3fb39d23906426fb39a3ce2495ea9e9f0f
3b452e46ee174574b2038927aa871d1b5ad51bd94adb3dcc76073cd97841135c
3bca31dd337180c989c0af8bd301323411041faf620326d8ddd9505bd4574f93
3cc12075cc87131f3818b8a13899d9bb22676277d7b79de7fdda2165fd8b08d0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f8b895e017b5e9da26364b8eb3e24a62e10b2e64a90f325e4d3e7a3008e84b5
42109e7ed95b2e4c7e00b6f2a4b5c24c31b09f1a8572550ac68322cdb46eb369
430c4d457d3ceb4b453ecd5f98a6b7a8d2e8b6551c10fe24519d76834d2d699d
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6
45602df5bf0b09f9877b018a3c5929bd96d7b1ab21a74e312df9cb9e809cc683
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4bdee3e2e973d16f00ac23acf70b46bb762ffeef358471e2017baad3fdf84779
4ce14963bf8765e1efa838b9d10d008805158f3e7f34166a558481a994e47214
53d966f39e621b4ebbea44474d3f04dd95c5316e2772b30c33cdefe2849b9834
551cacdeb3af7f286ff2f063fe607f616df064ef0c24177fc277d5bf5044c15b
55a39891ab0b65e82e10f5bf3ff2263c6fae3d4ea6a9019d5ba650200c314c21
5d9289d80c8a0f25016c5512c537f8b11f71a2fab4024bfd0a036d4ea9bec629
608aadc2860f69c9733d2dadb9c805115f1cdd062cbb9de9187fc74056e2f7c3
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61eef52da89b0a6c719eab460687d6905922766792ea2c21f1cb8c06f59c2b72
62001c694bb883aaa50d69cec8f9682c6b0b00c1ad707963de6225f990bc5cc0
64637d4aa992515b6d20291d5df4a9be804a35fd67937901b899a294bfeb7a95
65440f24f26abf351390af6c013c889e4a071ac973d450c57d697a856a0b88a9
67c59501c03e92a210906807915add76c343f237486b70372fb3daf6b35828e5
68ed33f482be91ade98b780487b7aeb9056326b28ab3411a47b272ab48f48320
6fd0701ee2c7f8cf227eaa4c0c574b2c87a0132327529867e066618a4f875711
6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1
70d14eef971fe22bc95e984724c991e7a9c15aca71ee67a6f91703cabdbadf68
7121011a53bbf9d816b0f861abfc0fe014b545c888883961092456820f506c43
78507485c6d918c51ba19638ebc04e9d06352ed38e91b5a81f89bcdfb7a834e4
7899c7ff0e69c47a80cf0c3a70a4ec4a7f5d75428580fbb0623b55c6fc00e71b
7ab583db80d5527a24744b5b027d3865a701808d7ecbf7c7957d92874b138b15
7c7642d20295b984fa043d105552963fa5da85f5544bd14f15b7a448e89c2227
7e451b43913e763ebf143a3fd9b109a28b7d70070a107b0aadffd03aa0a52b41
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a946a08f157a09df1f78099b80821d3a5c7967d5c824d6ed8f8e78ed7d354a8
8bbc902018814d2eaa65dc57358081877376c1eaf2a3afcc4dc2724f06d08c96
8c249466c005d1dc557f00b11fab0c35d08ed910880f0321efcbbf11008b03a9
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
92fdaf28b8a4d93678a8bc86cc0fd8f2922bd959810f7f2606be1c56bbe45c2e
93d5053e926990cbeba965eb79fe564c33ed43769e5c33c26add9b618eeb906b
941062375e5ec293a6471bad5709e6b5fc3650a924337e990f293868795eb592
959a9b98d3d60f7145449f05f5135b90c1d7fffa64420d3d2533ee4f1fa70c42
99580687ae1c4ca538b7a79c9d5ce10e52a44057aa177c66cc114d271d1e5c42
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9eb7feb44b258b98248cef01f3d74c49f2e18c30c246e2b35cbe71a2ef371694
9f581c10eadbb1b0b2a2ced0bc3489a98867230027e97a066b88e43f6cedd6ff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3e3a0d80de5ff750a60a4416ba89dce7156c9d4a765b4b358567e2ca87dbb3b
a6a8b1891e37660da6063480a1ddf420c6acb8f282ba43c850f7f3a90af790ff
a8d1464b4efce8a7ce0f9ad896372d9e03443c95cc19769fd7116e6b7af7cdcb
a8e9ec1d5df91e6faf2cedb2ccb4f804a23e498634741cb7dc83281b9ccd5b67
a90a00a4b9cb6d388a135510a77edb5152dc0338b0c90d6ec1016d496000429d
ab0980461625262b1097e46e34474aa69fbd71e846145580d12e3ec19c48d0af
adb46fbd75c2606f0e52cb0be59d16488c5aa07c215feb71d3e8d967fe9324b0
b59864b38f0bf2e4ee8fd08023312fbcf79c915590d177ed935ec06f30970898
b5c5be853e53cda97ca5467eef81b15470643d84a5b79f293ab130ea0f735ab4
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
bae70b6c0c16c18ec7adab648dd330784a17e8ce108c2794598a9641c989326c
bb9eabbfac1e1955d6180a50d270c3296e25abfe11fcfba55dc11247cb586fc2
be66cc9a6d7ecf4c3d784eab53c84d41a9c643986ae142df797562964b7ac13c
c04e8bbfa057e098486ff3b17b0e46f85a5e27c89790dfefb48b57cf8f063ce9
c139e2bc8f5ca64e67b3c32f912f6a43df194b927eb0dc0c02e5280bbf7e07d9
c1da456e04605416658f83e9c0a57516823f086afc69fed73b2f61a2ef0c8009
c239ba621aa8eae5c2e9d50ad8180694bd0d87540bc6039633a3703b312aee4f
c259e924ded07d5150c272ddb0b9a9479be94cededb99d0a66a06e66a97d7d82
c811c3c4868830bf69d5a8b1da5bd3497a3a3e68d2ad4b359e7680c9ee7f9088
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdd17401da8f215c2c73acfba18b46c1043f804661652a2ee266d97704bd5e7f
d0078a00437cee42f772ddbc087f1c3a7e1bca2310e1a64c26bdb9f21b27c932
d356367a75edfe22bfce408e321a4fea2da0ddd7ba668840b7272741adc78ac3
d371dc0a22812195bb4393d47224eff8ca2dccf8d09d337e0b8a0bd9e564c63d
d5087729194486124af69f90e90ef1f9ae22ccd3483adf634d29de66cae104f2
d52732b29196ecf61f97f6b105fe7b4bd781dd284274a8aa1c566423c8ddce38
d7ccc97dbbe16e7851ec9645c7c525d82ab5f9ef0901251c17fd976597492000
d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316
d82d9748622d550e9448cc827d5c0159dd095b969ae9f2df03b84cf20e65fa4e
dafdfb67fa4dc62c7f9b132a43c1aa45ba8a6971614df131062d6de5cb803259
db3c8d13264319a1fb49b333bb7d61b33b42098a20fda4d4947e90f704846f60
de00a543120ad30304350de0735bd3642e8c5bf7a74b1b25d473a67ecaa3b84a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de54222aeed9f0503d5d0f11f548bf3bf9f0ae20a2ab9e8b477f0e61508d89dd
e21a608ad80f22b87610f7ec3df6c9b13619f7ecf03ceb62bfe03a1ca2e5b3c6
e3225c62f78158e1b20d6913eda44028d006dc1d33b61c52d4909b644dec0911
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d25643ae64eb473f7ee88c71ee606dbdb21973060876862aaff540054f94cd
e891417332cca6a94244303b6778408ee36fb64e95f91036570f6daca8b2d7ff
ead9b6523f6f250f5ac9e6daad3ab4468406ebf45a8856cca4508ea1557232d3
ec769743a3c27a76a6408da6cd3cabdd68fd826bb83a8b76a0d923032f397886
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f48df595413a7dfdba521415b4a55524e370e9837f1f891adf0f559467512530
f5b88251d4efb261ca5e8b650fcdbf4cc6290159aa6e8a88f345bd1e93417ac5
f652a403a343af5f7d5f4999168960f55aed86bbdff472ef4da0fa8fbd81ef5f
f8fdffcdc31327f9b595502bde2183bc278d0dd3f40e1535b1d4a6418e54f068
f914e2dd08ab144b439ac851962f79c84eda996f2bcfa9e92df03d425875856b
fb9161d6327f859c0a77c4abe352b5a887e1ddb976f9c66825594b213d8e7e13
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff8f6e2aae88247f15e51c5057b9408b807b545aa7763e623625ba1fca33cbad

www.garuda-indonesia.com Open in urlscan Pro 104.18.10.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

98 %HTTPS

0 %IPv6

24 Domains

38 Subdomains

31 IPs

4 Countries

4904 kBTransfer

12826 kBSize

27 Cookies

16 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.garuda-indonesia.com Open in urlscan Pro
104.18.10.192 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

98 %
HTTPS

0 %
IPv6

24
Domains

38
Subdomains

31
IPs

4
Countries

4904 kB
Transfer

12826 kB
Size

27
Cookies

190 HTTP transactions
5 data transactions